{"id":"GHSA-q3m2-crgq-5p3q","summary":"OpenStack Ironic fails to restrict paths used for file:// image URLs","details":"OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if a deployment was performed via the API). A malicious project assigned as a node owner can provide a path to any local file (readable by ironic-conductor), which may then be written to the target node disk. This is difficult to exploit in practice, because a node deployed in this manner should never reach the ACTIVE state, but it still represents a danger in environments running with non-default, insecure configurations such as with automated cleaning disabled. The fixed versions are 24.1.3, 26.1.1, and 29.0.1.","aliases":["CVE-2025-44021","PYSEC-2025-38"],"modified":"2026-06-09T13:05:48Z","published":"2025-05-08T18:30:42Z","database_specific":{"github_reviewed_at":"2025-05-08T20:57:17Z","nvd_published_at":"2025-05-08T17:16:01Z","severity":"LOW","cwe_ids":["CWE-22"],"github_reviewed":true},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-44021"},{"type":"WEB","url":"https://github.com/openstack/ironic/commit/10590b36f541130f6a5d7a49da0f095ff8390cce"},{"type":"WEB","url":"https://bugs.launchpad.net/ironic/+bug/2107847"},{"type":"PACKAGE","url":"https://github.com/openstack/ironic"},{"type":"WEB","url":"https://github.com/pypa/advisory-database/tree/main/vulns/ironic/PYSEC-2025-38.yaml"},{"type":"WEB","url":"https://security.openstack.org/ossa/OSSA-2025-001.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2025/05/08/1"}],"affected":[{"package":{"name":"ironic","ecosystem":"PyPI","purl":"pkg:pypi/ironic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"24.1.3"}]}],"versions":["0.0","10.1.10","10.1.7","10.1.8","10.1.9","11.1.1","11.1.2","11.1.3","11.1.4","12.0.0","12.1.0","12.1.1","12.1.2","12.1.3","12.1.4","12.1.5","12.1.6","12.2.0","13.0.0","13.0.1","13.0.2","13.0.3","13.0.4","13.0.5","13.0.6","13.0.7","14.0.0","15.0.0","15.0.1","15.0.2","15.1.0","15.2.0","16.0.0","16.0.1","16.0.2","16.0.3","16.0.4","16.0.5","16.1.0","16.2.0","17.0.0","17.0.1","17.0.2","17.0.3","17.0.4","17.1.0","18.0.0","18.1.0","18.2.0","18.2.1","18.2.2","18.3.0","19.0.0","20.0.0","20.1.0","20.1.1","20.1.2","20.1.3","20.2.0","21.0.0","21.1.0","21.1.1","21.1.2","21.2.0","21.3.0","21.4.0","21.4.1","21.4.2","21.4.3","21.4.4","22.0.0","22.1.0","23.0.0","23.0.1","23.0.2","23.0.3","23.0.4","23.0.5","23.1.0","24.0.0","24.1.0","24.1.1","24.1.2","9.1.6","9.1.7"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-q3m2-crgq-5p3q/GHSA-q3m2-crgq-5p3q.json"}},{"package":{"name":"ironic","ecosystem":"PyPI","purl":"pkg:pypi/ironic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"25.0.0"},{"fixed":"26.1.1"}]}],"versions":["25.0.0","26.0.0","26.1.0"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-q3m2-crgq-5p3q/GHSA-q3m2-crgq-5p3q.json"}},{"package":{"name":"ironic","ecosystem":"PyPI","purl":"pkg:pypi/ironic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"27.0.0"},{"fixed":"29.0.1"}]}],"versions":["27.0.0","28.0.0","29.0.0"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-q3m2-crgq-5p3q/GHSA-q3m2-crgq-5p3q.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N"}]}