VYPR

Ironic Python Agent

by OpenStack

Source repositories

CVEs (2)

  • CVE-2026-43003HigMay 1, 2026
    risk 0.45cvss 8.0epss 0.01

    An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image.

  • CVE-2024-44082MedSep 6, 2024
    risk 0.28cvss 4.3epss 0.01

    In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to…