ironic@15.0.0 vulnerabilities

OpenStack Bare Metal Provisioning

latest version

26.1.1
first published

6 years ago
latest version published

a month ago
licenses detected
- Apache-2.0
  [0,)
View ironic package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the ironic package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Improper Validation of Integrity Check Value ironic is an OpenStack Bare Metal Provisioning Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value due missing validations of checksum files of supplied `image_source` URLs, before the raw format conversion. How to fix Improper Validation of Integrity Check Value? Upgrade `ironic` to version 21.4.4, 23.0.3, 24.1.3, 26.1.1 or higher.	[,21.4.4) [22.0.0,23.0.3) [23.1.0,24.1.3) [25.0.0,26.1.1)
H Information Exposure ironic is an OpenStack Bare Metal Provisioning Affected versions of this package are vulnerable to Information Exposure via the image processing in `qemu-img`. Note: This is exploitable only for authenticated users. How to fix Information Exposure? There is no fixed version for `ironic`.	[0,)

Improper Validation of Integrity Check Value

ironic is an OpenStack Bare Metal Provisioning

Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value due missing validations of checksum files of supplied image_source URLs, before the raw format conversion.

How to fix Improper Validation of Integrity Check Value?

Upgrade ironic to version 21.4.4, 23.0.3, 24.1.3, 26.1.1 or higher.

[,21.4.4) [22.0.0,23.0.3) [23.1.0,24.1.3) [25.0.0,26.1.1)

Information Exposure

ironic is an OpenStack Bare Metal Provisioning

Affected versions of this package are vulnerable to Information Exposure via the image processing in qemu-img. Note: This is exploitable only for authenticated users.

How to fix Information Exposure?

There is no fixed version for ironic.

[0,)

Go back to all versions of this package

ironic@15.0.0 vulnerabilities

OpenStack Bare Metal Provisioning

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities