231 matches found
EUVD-2015-0025
Malware in sbrugna...
EUVD-2019-0067
Malware in sbrugna...
EUVD-2022-3715
Malicious code in bioql PyPI...
EUVD-2023-45147
Malicious code in bioql PyPI...
EUVD-2025-14023
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-44021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious...
Linux Distros Unpatched Vulnerability : CVE-2019-10141
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in...
GHSA-Q3M2-CRGQ-5P3Q OpenStack Ironic fails to restrict paths used for file:// image URLs
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
OpenStack Ironic fails to restrict paths used for file:// image URLs
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
PYSEC-2025-38
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
DEBIAN-CVE-2025-44021
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
PYSEC-2025-38
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
CVE-2025-44021
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
UBUNTU-CVE-2025-44021
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
CVE-2025-44021
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
CVE-2025-44021
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
OpenStack Ironic 安全漏洞
OpenStack Ironic is an integrated OpenStack program open-sourced by OpenStack. It is used to configure bare metal rather than virtual machines. A security vulnerability exists in OpenStack Ironic versions prior to 29.0.1, which stems from an unexpected file that may be written to the target node...
PT-2025-20397 · Openstack +1 · Openstack Ironic +1
Name of the Vulnerable Software and Affected Versions: OpenStack Ironic versions prior to 24.1.3 OpenStack Ironic versions prior to 26.1.1 OpenStack Ironic versions prior to 29.0.1 Description: The issue allows a malicious project assigned as a node owner to provide a path to any local file...
CVE-2025-44021
OpenStack Ironic prior to 29.0.1 is vulnerable to a local-file write during image handling when a deployment is performed via the API. A malicious project assigned as a node owner can supply a path to a local file (readable by ironic-conductor), which may then be written to the target node’s disk...
CVE-2025-44021
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...