Critical severityNVD Advisory· Published Nov 25, 2015· Updated Jun 17, 2026
CVE-2015-5306
CVE-2015-5306
Description
OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
python-ironic-inspector-clientPyPI | < 0.2.5 | 0.2.5 |
ironic-inspectorPyPI | < 2.2.2 | 2.2.2 |
Affected products
3- cpe:2.3:a:openstack:ironic_inspector:*:*:*:*:*:*:*:*
- ghsa-coords2 versions
< 2.2.2+ 1 more
- (no CPE)range: < 2.2.2
- (no CPE)range: < 0.2.5
Patches
Vulnerability mechanics
References
12- access.redhat.com/errata/RHSA-2015:1929nvdVendor AdvisoryWEB
- bugs.launchpad.net/ironic-inspector/+bug/1506419nvdVendor AdvisoryWEB
- bugzilla.redhat.com/show_bug.cginvdVendor AdvisoryWEB
- github.com/advisories/GHSA-x64g-wjmw-w328ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-5306ghsaADVISORY
- rhn.redhat.com/errata/RHSA-2015-2685.htmlnvdWEB
- access.redhat.com/errata/RHSA-2015:2685ghsaWEB
- access.redhat.com/security/cve/CVE-2015-5306ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/ironic-inspector/PYSEC-2015-28.yamlghsaWEB
- opendev.org/openstack/ironic-inspectorghsaPACKAGE
- opendev.org/openstack/ironic-inspector/commit/2c64da2bee6eeea27c08eb7a94894feaa5494910ghsaWEB
- opendev.org/openstack/ironic-inspector/commit/77d0052c5133034490386fbfadfdb1bdb49aa44fghsaWEB
News mentions
0No linked articles in our index yet.