OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| python-ironic-inspector-client(PyPI) | 0 | 0.2.5 | N/A |
| ironic-inspector(PyPI) | 0 | 2.2.2 | N/A |
CVSS Metrics
