CVE-2012-1585
OpenStack Nova Long server names grow nova-api log files significantly
EPSS 0.47%
Description
OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
How to fix CVE-2012-1585
To remediate CVE-2012-1585, upgrade the affected package to a fixed version below.
- Debian/nova—upgrade to 2012-1~rc3-1 or later
- PyPI/nova—upgrade to 12.0.0a0 or later
Is CVE-2012-1585 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2012-1~rc3-1
- from 0, < 12.0.0a0