4.3
CVE-2026-44919
- EPSS 0.47%
- Veröffentlicht 14.05.2026 00:00:00
- Zuletzt bearbeitet 20.05.2026 17:16:23
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerOpenStack
≫
Produkt
Ironic
Default Statusunaffected
Version
23.0.4
Version <
29.0.6
Status
affected
Version
30.0.0
Version <
32.0.2
Status
affected
Version
33.0.0
Version <
35.0.2
Status
affected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.47% | 0.367 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cve@mitre.org | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
|
CWE-696 Incorrect Behavior Order
The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways that may produce resultant weaknesses.
https://bugs.launchpad.net/ironic/+bug/2150332
https://opendev.org/openstack/ironic/commit/a3f6d735ac3642ab95b49142c7305f072ae748d0
https://security.openstack.org/ossa/OSSA-2026-013.html