191 matches found
CVE-2026-48681
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...
CVE-2026-44917
OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...
EUVD-2026-34181
OpenStack Ironic through 35.0.x allows Boot Script Injection...
CVE-2026-42997
A flaw was found in OpenStack Ironic. During the import process, a user invoking molds can request that authorization credentials be sent to a remote endpoint. This can lead to the disclosure of a time-limited Keystone token, which grants access to OpenStack services Ironic is authorized for, or...
PT-2026-46139
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...
CVE-2026-48681
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...
EUVD-2026-34203
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...
CVE-2026-48681
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...
CVE-2026-44917
OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...
CVE-2026-48681
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...
CVE-2026-44917
OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...
EUVD-2026-34202
OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...
CVE-2026-44917
OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...
CVE-2026-44917
OpenStack Ironic (prior to 35.0.2) is vulnerable to an information-disclosure issue where a malicious authenticated project admin or manager can read local files on the Ironic conductor via a pxe_template. This CVE is documented across multiple sources (OpenStack Ironic, Debian tracker, CVE lists...
CVE-2026-48681
CVE-2026-48681 affects OpenStack Ironic, prior to 35.0.2. The vulnerability enables a crafted ISO image deployment to cause a file overwrite via directory traversal during deployment. Affected component: Ironic deployment workflow; root cause: directory traversal in ISO handling. Impact is limite...
CVE-2026-46447
OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...
PT-2026-46066
OpenStack Ironic through 35.0.x allows Boot Script Injection...
CVE-2026-46447
OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...
CVE-2026-46447
OpenStack Ironic (through 35.0.x) is affected by CVE-2026-46447. Before 35.0.2, it allows Boot Script Injection of an iPXE script if an attacker can set node.driver_info or node.instance_info, enabling remote boot script manipulation. Impact is limited to high-privilege, network-exposed scenarios...
CVE-2026-46447
OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...