Ironic Inspector OpenStack Ironic Inspector

Do you want an email whenever new security vulnerabilities are reported in OpenStack Ironic Inspector?

By the Year

In 2024 there have been 0 vulnerabilities in OpenStack Ironic Inspector . Ironic Inspector did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 1 9.10
2018 0 0.00

It may take a day or so for new Ironic Inspector vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent OpenStack Ironic Inspector Security Vulnerabilities

A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1

CVE-2019-10141 9.1 - Critical - July 30, 2019

A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Because of how ironic-inspector uses the query results, it is unlikely that data could be obtained. However, the attacker could pass malicious data and create a denial of service.

SQL Injection

OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might

CVE-2015-5306 - November 25, 2015

OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.

7PK - Security Features

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for OpenStack Ironic Inspector or by OpenStack? Click the Watch button to subscribe.

OpenStack
Vendor

subscribe