{"id":"PYSEC-2015-28","details":"OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.","aliases":["CVE-2015-5306","GHSA-x64g-wjmw-w328"],"modified":"2023-11-08T03:57:57.677895Z","published":"2015-11-25T20:59:00Z","references":[{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1273698"},{"type":"WEB","url":"https://bugs.launchpad.net/ironic-inspector/+bug/1506419"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2015:1929"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-2685.html"}],"affected":[{"package":{"name":"ironic-inspector","ecosystem":"PyPI","purl":"pkg:pypi/ironic-inspector"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3.0"}]}],"versions":["2.0.0","2.0.1","2.1.0","2.2.0","2.2.1","2.2.2","2.2.3","2.2.4","2.2.5","2.2.6","2.2.7"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/ironic-inspector/PYSEC-2015-28.yaml"}}],"schema_version":"1.7.3"}