ironic-python-agent

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting ironic-python-agentpage 1 of 1

CVE-2026-42997HIGHCVSS 7.7EG 7.7✓ Fixed in 26.1.6
2026-05-05
vulnerable: 0.0.1 ... 9.9.0 (121 versions)
An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token (which provides a…
CVE-2026-43003HIGHCVSS 8.0EG 8.0
2026-05-01
vulnerable: 1.0.0 ... 9.9.0 (120 versions)
An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malic…

Check whether ironic-python-agent is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for ironic-python-agent CVEs against the assets you own.

Start Free Scan →