Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-16848

A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service.

Related bugs and status

CVE-2018-16848 (Candidate) is related to these bugs:

Bug #1785657: Denial of service through YAML anchors expansion (Billion Laughs)

Summary				In	Importance	Status
	1785657	Denial of service through YAML anchors expansion (Billion Laughs)		Mistral	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugs.launchpad...
MISC: https://bugzilla.redha...