Medium severity6.5NVD Advisory· Published Aug 31, 2017· Updated May 13, 2026

CVE-2015-5695

Description

Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.openstack.org/pipermail/openstack/2015-July/013548.htmlnvdPatchVendor AdvisoryWEB
launchpadlibrarian.net/211525251/bug-1471161-quotas-master.patchnvdMailing ListPatchThird Party AdvisoryWEB
bugs.launchpad.net/designate/+bug/1471161nvdExploitIssue TrackingThird Party AdvisoryWEB
www.openwall.com/lists/oss-security/2015/07/28/11nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2015/07/29/6nvdMailing ListThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
github.com/advisories/GHSA-m6h2-634h-jcpjghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2015-5695ghsaADVISORY
github.com/pypa/advisory-database/tree/main/vulns/designate/PYSEC-2017-114.yamlghsaWEB
www.openwall.com/lists/oss-security/2015/07/28/11ghsaWEB
www.openwall.com/lists/oss-security/2015/07/29/6ghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000