MEDIUM 6.6
GHSA-wqpv-c3pp-3m58
OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere
Details
OpenStack Ironic through 25.0.0 allows ipmitool execution in a non-default configuration that has a console interface.
Are you affected?
Enter the version of the package you're using.
Affected packages
PyPI / ironic
Introduced in:
0 No fixed version published yet for ironic (pip). Pin to a known-safe version or switch to an alternative.