Openstack Ironic vulnerabilities

CVE-2025-44021 [LOW] CWE-22 CVE-2025-44021: OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handlin OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if a deployment was performed via the API). A malicious project assigned as a node owner can provide a path to any local file (readable by ironic-conductor), which may then be written to the target node disk. This is difficult to exploit in practice, b

CVE-2024-47211 [MEDIUM] CWE-354 OpenStack Ironic fails to verify checksums of supplied image_source URLs OpenStack Ironic fails to verify checksums of supplied image_source URLs In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied image_source URLs when configured to convert images to a raw format for streaming.

CVE-2024-44082 [MEDIUM] CVE-2024-44082: In OpenStack Ironic before 26 In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data. The affected/fixed version details are: Ironic: =22.0.0 =23.1.0 =25.0.0 =9.5.0 =9.8.0 =9.12.0 <9.13.1.

CVE-2016-4985 [HIGH] CWE-200 OpenStack Ironic Exposure of Sensitive Information to an Unauthorized Actor OpenStack Ironic Exposure of Sensitive Information to an Unauthorized Actor The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the `v1/drivers/$DRI

CVE-2015-7514 [MEDIUM] CWE-200 CVE-2015-7514: OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authen OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information.