Lucene search

221 matches found

ATTACKERKB
added 2026/06/04 11:59 p.m., 7 views

CVE-2026-50589

In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash...

CVSS 5.3, AI score 5.5, EPSS 0.00433
Exploits: 0, References: 3

Cvelist
added 2026/06/04 11:59 p.m., 42 views

CVE-2026-50589

In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash...

CVSS 5.3, EPSS 0.00433
Exploits: 0, References: 2

Debian CVE
added 2026/06/04 11:59 p.m., 8 views

CVE-2026-50589

In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash...

CVSS 7.5, AI score 5.5, EPSS 0.00433
Exploits: 0

Vulnrichment
added 2026/06/04 11:59 p.m., 7 views

CVE-2026-50589

In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash...

CVSS 5.3, AI score 5.5, EPSS 0.00433
Exploits: 0, References: 2

NVD
added 2026/06/04 4:17 a.m., 11 views

CVE-2026-48681

OpenStack Ironic before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...

CVSS 8.1, EPSS 0.00601
Exploits: 0, References: 3

NVD
added 2026/06/04 4:17 a.m., 10 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

CVSS 4.9, EPSS 0.00283
Exploits: 0, References: 3

EUVD
added 2026/06/04 12:30 a.m., 15 views

EUVD-2026-34181

OpenStack Ironic through 35.0.x allows Boot Script Injection...

AI score 5.8, EPSS 0.00262
Exploits: 0, References: 4

RedhatCVE
added 2026/06/04 12:13 a.m., 13 views

CVE-2026-42997

A flaw was found in OpenStack Ironic. During the import process, a user invoking molds can request that authorization credentials be sent to a remote endpoint. This can lead to the disclosure of a time-limited Keystone token, which grants access to OpenStack services Ironic is authorized for, or...

CVSS 7.7, AI score 5.7, EPSS 0.0044
Exploits: 0, References: 4

Positive Technologies
added 2026/06/04 12:00 a.m., 19 views

PT-2026-46840

Name of the Vulnerable Software and Affected Versions: OpenStack Ironic versions 32 through 35.0.1. Description: An unauthenticated malicious user can cause a service crash by submitting a crafted JSON string to certain endpoints on the API or JSON-RPC service. Recommendations: Update OpenStack Ironi...

CVSS 7.5, AI score 5.5, EPSS 0.00433
Exploits: 0, References: 14

Positive Technologies
added 2026/06/04 12:00 a.m., 25 views

PT-2026-46139

Name of the Vulnerable Software and Affected Versions: OpenStack Ironic versions prior to 35.0.2. Description: An issue exists where a crafted ISO image can lead to file overwrite via directory traversal during the deployment process. Directory traversal is a technique that allows an attacker to...

CVSS 8.1, AI score 5.4, EPSS 0.00601
Exploits: 0, References: 15

ATTACKERKB
added 2026/06/04 12:00 a.m., 6 views

CVE-2026-48681

OpenStack Ironic before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...

CVSS 5.9, AI score 5.8, EPSS 0.00601
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2026/06/04 12:00 a.m., 20 views

CVE-2026-48681

OpenStack Ironic versions before 35.0.2 are affected by a vulnerability that allows file overwrite via directory traversal during deployment when processing a crafted ISO image. The issue concerns the deployment phase’s handling of ISO content, enabling unintended filesystem writes. Public source...

CVSS 8.1, AI score 5.8, EPSS 0.00601
Exploits: 0, References: 3, Affected Software: 1

CNNVD
added 2026/06/04 12:00 a.m., 8 views

OpenStack Ironic security vulnerability

OpenStack Ironic is an integrated OpenStack application. It is used to configure bare machines rather than virtual machines. Versions of OpenStack Ironic prior to 35.0.2 contained a security vulnerability. This vulnerability stemmed from allowing malicious project administrators or managers to re...

CVSS 4.9, AI score 5.2, EPSS 0.00283
Exploits: 0, References: 3

CNNVD
added 2026/06/04 12:00 a.m., 7 views

OpenStack Ironic security vulnerability

OpenStack Ironic is an integrated OpenStack application developed under the OpenStack open source framework. It is used to configure bare machines rather than virtual machines. Prior to version 35.0.2 of OpenStack Ironic, there was a security vulnerability that occurred due to the use of speciall...

CVSS 8.1, AI score 5.2, EPSS 0.00601
Exploits: 0, References: 3

EUVD
added 2026/06/04 12:00 a.m., 14 views

EUVD-2026-34202

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

CVSS 4.9, AI score 5.8, EPSS 0.00283
Exploits: 0, References: 2

Cvelist
added 2026/06/04 12:00 a.m., 39 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

CVSS 4.9, EPSS 0.00283
Exploits: 0, References: 2

Cvelist
added 2026/06/04 12:00 a.m., 35 views

CVE-2026-48681

OpenStack Ironic before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...

CVSS 5.9, EPSS 0.00601
Exploits: 0, References: 2

ATTACKERKB
added 2026/06/04 12:00 a.m., 8 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

CVSS 4.9, AI score 5.8, EPSS 0.00283
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2026/06/04 12:00 a.m., 20 views

CVE-2026-44917

OpenStack Ironic (prior to 35.0.2) is vulnerable to an information-disclosure issue where a malicious authenticated project admin or manager can read local files on the Ironic conductor via a pxe_template. This CVE is documented across multiple sources (OpenStack Ironic, Debian tracker, CVE lists...

CVSS 4.9, AI score 5.8, EPSS 0.00283
Exploits: 0, References: 3, Affected Software: 1

EUVD
added 2026/06/04 12:00 a.m., 11 views

EUVD-2026-34203

OpenStack Ironic before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...

CVSS 8.1, AI score 5.8, EPSS 0.00601
Exploits: 0, References: 2