| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|
| CVE-2026-48681 | vulnerable | fixed | fixed | vulnerable | vulnerable | OpenStack Ironic through before 35.0.2 allows file overwrite via direc ... |
| CVE-2026-46447 | vulnerable | fixed | fixed | vulnerable | vulnerable | OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE ... |
| CVE-2026-44919 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In OpenStack Ironic through 35.x before a3f6d73, during image handling ... |
| CVE-2026-44917 | vulnerable | fixed | fixed | vulnerable | vulnerable | OpenStack Ironic before 35.0.2 allows a malicious authenticated projec ... |
| CVE-2026-44916 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In OpenStack Ironic before 35.0.2 (in a certain non-default configurat ... |
| CVE-2026-42997 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in idrac in OpenStack Ironic before 35.0.1. Du ... |
| CVE-2026-42510 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-defa ... |
| CVE-2025-44021 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | fixed | OpenStack Ironic before 29.0.1 can write unintended files to a target ... |
| CVE-2024-47211 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | fixed | In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x a ... |
| CVE-2024-44082 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13. ... |