CVE-2016-0738: OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service
7.5
CVSS Score
3.0
Basic Information
CVE ID
GHSA ID
EPSS Score
0.90063%
CWE
-
Published
5/17/2022
Updated
2/13/2023
KEV Status
No
Technology
Python
Technical Details
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
swift | pip | < 2.3.1 | 2.3.1 |
swift | pip | >= 2.4.0, < 2.5.1 | 2.5.1 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability root cause was identified in the SegmentedIterable
class handling large object transfers. Multiple sources (bug reports, commit diffs, and OSSA advisory) show the fix involved adding explicit closure of app_iter
generators in SegmentedIterable.close()
to resolve cyclic references. This matches the CVE description of connection resource leaks during interrupted requests to large objects.