CVE-2026-44919
4.3 MEDIUMIn OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:...
Published: 2026-05-14 · Last updated: 2026-05-20
Severity and scoring
- CVSS
- 4.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
- CWE
- CWE-696
Description
In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-44919
- [Other]https://bugs.launchpad.net/ironic/+bug/2150332
- [Other]https://opendev.org/openstack/ironic/commit/a3f6d735ac3642ab95b49142c7305f072ae748d0
- [Other]https://security.openstack.org/ossa/OSSA-2026-013.html
- [Other]https://bugs.launchpad.net/ironic/+bug/2150332
Related CVEs
Same CWE
- CVE-2026-49318 — Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows ... (2.4 LOW)
- CVE-2026-49317 — Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows ... (2.4 LOW)
- CVE-2026-45033 — GitHub Copilot CLI brings AI-powered coding assistance directly to your command line (7.8 HIGH)
- CVE-2024-45157 — An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used (5.1 MEDIUM)