Medium severity6.5NVD Advisory· Published Nov 26, 2025· Updated Apr 15, 2026
CVE-2021-4472
CVE-2021-4472
Description
The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
python-mistralclientPyPI | < 4.3.0 | 4.3.0 |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- github.com/advisories/GHSA-75hx-6r6j-hw56ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-4472ghsaADVISORY
- access.redhat.com/security/cve/CVE-2021-4472nvdWEB
- bugs.launchpad.net/horizon/+bug/1931558nvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- lists.debian.org/debian-lts-announce/2025/12/msg00002.htmlnvdWEB
- lists.debian.org/debian-lts-announce/2025/12/msg00003.htmlnvdWEB
- opendev.org/openstack/mistral-dashboardghsaPACKAGE
- review.opendev.org/c/openstack/mistral-dashboard/+/800952nvdWEB
- review.opendev.org/c/openstack/python-mistralclient/+/800950nvdWEB
News mentions
0No linked articles in our index yet.