{"id":"CVE-2013-4185","details":"Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via a large number of server-creation operations, which triggers a large number of update requests.","aliases":["GHSA-ph2h-hh49-vh27"],"modified":"2026-04-10T03:42:55.435626Z","published":"2013-10-29T22:55:02Z","references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2013-1199.html"},{"type":"ADVISORY","url":"http://seclists.org/oss-sec/2013/q3/282"},{"type":"ADVISORY","url":"https://bugs.launchpad.net/nova/+bug/1184041"},{"type":"EVIDENCE","url":"https://bugs.launchpad.net/nova/+bug/1184041"},{"type":"FIX","url":"http://seclists.org/oss-sec/2013/q3/282"}],"schema_version":"1.7.5"}