CVE-2026-43003

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

PT-2026-36306

Name of the Vulnerable Software and Affected Versions OpenStack Keystone versions 13 through 29 Description An issue exists where the 'POST /v3/credentials' endpoint fails to validate that the project id provided by the caller for an EC2-type credential matches the project of the authenticating...

CVE-2026-43001

CVE-2026-43001 affects OpenStack Keystone (versions 13–29) where POST /v3/credentials does not validate that the caller-supplied project_id for an EC2-type credential matches the authenticating application credential’s project. An attacker with an unrestricted app_cred for project A can create an...

OpenStack ironic-python-agent 安全漏洞

OpenStack ironic-python-agent is an open-source proxy program for bare metal nodes in OpenStack. There are security vulnerabilities in the version of OpenStack ironic-python-agent from 1.0.0 to 11.5.0. These vulnerabilities stem from the execution of grub-install within a chroot environment, whic...

CVE-2026-43001

An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied projectid for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credentia...

CVE-2026-43003

CVE-2026-43003 affects OpenStack Ironic Python Agent (IPA) versions 1.0.0 through 11.5.0. The issue arises when IPA sometimes executes grub-install from within a chroot of the deployed partition image, enabling code execution in the presence of a malicious image. The CVSSv3.1 metrics indicate a h...

PT-2026-36307

Name of the Vulnerable Software and Affected Versions OpenStack ironic-python-agent versions 1.0.0 through 11.5.0 Description Ironic Python Agent IPA may execute the grub-install function from within a chroot of the deployed partition image. This behavior can lead to arbitrary code execution if a...

CVE-2026-43001

An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied projectid for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credentia...

CVE-2026-43003

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

Important: Red Hat Security Advisory: Release of containers for RHOSO 18.0.18 security update

Red Hat OpenStack Services on OpenShift RHOSO 18.0.18 containers are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHSA-2026:7885 Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (golang-github-openstack-k8s-operators-os-diff) security update

Bulletin has no description...

RHSA-2026:7884 Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (openstack-nova) security update

Bulletin has no description...

CVE-2026-42510

A flaw was found in OpenStack Ironic. When configured with a console interface in a non-default setup, this vulnerability allows an attacker to execute ipmitool commands. This unauthorized execution can lead to remote management of the underlying hardware, potentially resulting in arbitrary code...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (golang-github-openstack-k8s-operators-os-diff) security update

An update for golang-github-openstack-k8s-operators-os-diff is now available for Red Hat OpenStack Services on OpenShift 18.0.18 Antelope. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

openstack-nova-compute: Arbitrary Host File Overwrite via Unconstrained qemu-img Format Handling in OpenStack Nova

A flaw in OpenStack Nova’s interaction with the qemu-img utility allows an authenticated user to overwrite arbitrary files on the compute host. This occurs because Nova invokes qemu-img without strictly constraining the disk image format, enabling a malicious user to craft a QCOW2 header on a raw...

Important: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (openstack-nova) security update

An update for openstack-nova is now available for Red Hat OpenStack Services on OpenShift 18.0.18 Antelope. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : Red Hat OpenStack Services on OpenShift 18.0.18 (openstack-nova) (RHSA-2026:7884)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7884 advisory. OpenStack Compute nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable...

Linux Distros Unpatched Vulnerability : CVE-2026-42510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface. CVE-2026-42510 Note that Nessus relies on...

RHEL 9 : Red Hat OpenStack Services on OpenShift 18.0.18 (golang-github-openstack-k8s-operators-os-diff) (RHSA-2026:7885)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7885 advisory. Security Fixes: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload CVE-2025-65637 Unexpected session resumption ...

GHSA-WQPV-C3PP-3M58 OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

OpenStack Ironic through 25.0.0 allows ipmitool execution in a non-default configuration that has a console interface...