[Git][security-tracker-team/security-tracker][master] Add CVE-2025-44021/ironic

Thu, 08 May 2025 13:44:38 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ffc3aae9 by Salvatore Bonaccorso at 2025-05-08T22:44:09+02:00
Add CVE-2025-44021/ironic

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,7 +61,10 @@ CVE-2025-45787 (TOTOLINK A3100R V5.9c.1527 is vulnerable to 
Buffer Overflow viat
 CVE-2025-44023 (An issue in dlink DNS-320 v.1.00 and DNS-320LW 
v.1.01.0914.20212 allow ...)
        NOT-FOR-US: D-Link
 CVE-2025-44021 (OpenStack Ironic before 29.0.1 can write unintended files to a 
target  ...)
-       TODO: check
+       - ironic <unfixed>
+       NOTE: https://bugs.launchpad.net/ironic/+bug/2107847
+       NOTE: https://security.openstack.org/ossa/OSSA-2025-001.html
+       NOTE: https://www.openwall.com/lists/oss-security/2025/05/08/1
 CVE-2025-41450 (Improper Authentication vulnerability in Danfoss AKSM8xxA 
Series.This  ...)
        NOT-FOR-US: Danfoss
 CVE-2025-40846 (Improper Input Validation, the returnUrl parameter in Account 
Security ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffc3aae9c0e97a2ff3e1016693f6586862cd67a4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffc3aae9c0e97a2ff3e1016693f6586862cd67a4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to