Package impact
PyPI / ironic
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-4985 | high | 7.5 | 7.5 | 10y ago | OpenStack Ironic Exposure of Sensitive Information to an Unauthorized Actor | |||
| CVE-2026-42510 | medium | 6.6 | 6.6 | 1mo ago | OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere | |||
| CVE-2026-44919 | medium | 4.3 | 4.3 | 21d ago | OpenStack Ironic: Pre-Validation Checksum Calculation allows Denial of Service (DoS) via Infinite Block Devices | |||
| CVE-2025-44021 | unknown | — | — | 1y ago | OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if a deployment was performed via the API). A malicious project assigned as a node owner can pro… | |||
| CVE-2024-47211 | unknown | — | — | 2y ago | OpenStack Ironic fails to verify checksums of supplied image_source URLs |