Vulnerability Details CVE-2018-16848
A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2018-16848
-
cpe:2.3:a:redhat:openstack-mistral:-
-
cpe:2.3:a:redhat:openstack-mistral:7.0.0
-
cpe:2.3:a:redhat:openstack-mistral:7.0.1
-
cpe:2.3:a:redhat:openstack-mistral:7.0.2
-
cpe:2.3:a:redhat:openstack-mistral:7.0.3