image_source URL lack of checksum validation in OpenStack Ironic

CVE-2024-47211

Currently unrated 🤨

Key Information

Vendor
OpenStack
Vendor
CVE Published:
4 October 2024

Summary

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied image_source URLs when configured to convert images to a raw format for streaming.

References

Timeline

  • Vulnerability published

Collectors

NVD DatabaseMitre Database
.