2 matches found
Arbitrary File Write
Ironic is vulnerable to Arbitrary File Write. The vulnerability is due to insufficient validation of user-supplied file paths during image deployment via the API, allowing attackers to write unintended files to the target node disk...
CVE-2024-1961
CVE-2024-1961 affects the open-source project vertaai/modeldb. The vulnerability is a path traversal flaw caused by improper sanitization of user-supplied file paths in the file upload flow, specifically in the NFSController.java and NFSService.java components. Attackers can manipulate the artifa...