Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 5 of 5 results

CVE-2024-44082

Medium priority

Some fixes available 2 of 5

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img,...

1 affected packages

ironic

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ironic Fixed Fixed Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-2088

Medium priority

Some fixes available 10 of 30

A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their...

5 affected packages

cinder, ironic, nova, python-glance-store, python-os-brick

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cinder Fixed Ignored Ignored Ignored
ironic Fixed Ignored Ignored Ignored
nova Fixed Ignored Ignored Ignored
python-glance-store Fixed Ignored Ignored Ignored
python-os-brick Fixed Ignored Ignored Ignored
Show less packages

CVE-2019-10141

Medium priority
Vulnerable

A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function...

1 affected packages

ironic-inspector

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ironic-inspector Not affected Not affected Not affected Vulnerable Vulnerable
Show less packages

CVE-2015-7514

Medium priority
Ignored

OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information.

1 affected packages

ironic

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ironic Not affected Not affected
Show less packages

CVE-2016-4985

Medium priority

Some fixes available 1 of 5

The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a...

1 affected packages

ironic

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ironic Not affected Fixed
Show less packages