Slawek Kaplonski

**Name of the Vulnerable Software and Affected Versions** OpenStack Neutron versions prior to 16.4.1 OpenStack Neutron versions 17.x prior to 17.2.1 OpenStack Neutron versions 18.x prior to 18.1.1 **Description** An issue in the routes middleware allows an authenticated user to cause API performance degradation or denial of service by making API requests involving nonexistent controllers, resulting in the API worker consuming increasing amounts of memory. **Recommendations** For OpenStack Neutron versions prior to 16.4.1, update to version 16.4.1 or later. For OpenStack Neutron versions 17.x prior to 17.2.1, update to version 17.2.1 or later. For OpenStack Neutron versions 18.x prior to 18.1.1, update to version 18.1.1 or later.