CVE-2024-47211 Information

Description

In OpenStack Ironic before 21.4.4 22.x and 23.x before 23.0.3 23.x and 24.x before 24.1.3 and 25.x and 26.x before 26.1.0 there is a lack of checksum validation of supplied image_source URLs when configured to convert images to a raw format for streaming.

Reference

https://github.com/openstack/ironic/tags https://github.com/openstack/ironic/compare/24.1.2…26.1.0 https://github.com/openstack/ironic/security https://security.openstack.org/ossa/OSSA-2024-004.html