CVE-2024-47211
- Source
- https://cve.org/CVERecord?id=CVE-2024-47211
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47211.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-47211
- Aliases
- Downstream
- Published
- 2024-10-04T18:15:08.550Z
- Modified
- 2026-04-10T05:18:10.406290Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied image_source URLs when configured to convert images to a raw format for streaming.
- References
Affected packages
Git / github.com/openstack/ironic
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openstack/ironic
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixedIntroducedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "fixed": "21.4.4" }, { "introduced": "23.x" }, { "fixed": "23.0.3" }, { "introduced": "24.x" }, { "fixed": "24.1.3" }, { "introduced": "26.x" }, { "fixed": "26.1.0" } ] }
Affected versions
10.*
10.0.0
10.1.0
11.*
11.0.0
11.1.0
12.*
12.0.0
12.1.0
12.2.0
13.*
13.0.0
14.*
14.0.0
15.*
15.0.0
15.1.0
15.2.0
16.*
16.0.0
16.1.0
16.2.0
17.*
17.0.0
18.*
18.0.0
18.1.0
18.2.0
19.*
19.0.0
20.*
20.0.0
20.1.0
20.2.0
2014.*
2014.1.b1
2014.1.b2
2014.1.b3
2014.1.rc1
2014.2.b1
2014.2.b2
2014.2.b3
2014.2.rc1
2015.*
2015.1.0b1
2015.1.0b2
2015.1.0b3
2015.1.0rc1
21.*
21.0.0
21.1.0
21.2.0
21.3.0
21.4.0
21.4.1
21.4.2
21.4.3
22.*
22.0.0
22.1.0
23.*
23.0.0
23.0.1
23.0.2
23.1.0
24.*
24.0.0
24.1.0
24.1.1
24.1.2
25.*
25.0.0
26.*
26.0.0
4.*
4.0.0
4.1.0
4.2.0
4.3.0
5.*
5.0.0
5.1.0
6.*
6.0.0
6.1.0
6.2.0
7.*
7.0.0
8.*
8.0.0
9.*
9.0.0
9.2.0
bugfix-22.*
bugfix-22.0-eol