Vulnerability Details CVE-2026-44919
In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 36.7%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2026-44919
-
cpe:2.3:a:openstack:ironic:23.0.4
-
cpe:2.3:a:openstack:ironic:23.0.5
-
cpe:2.3:a:openstack:ironic:23.1.0
-
cpe:2.3:a:openstack:ironic:24.0.0
-
cpe:2.3:a:openstack:ironic:24.1.0
-
cpe:2.3:a:openstack:ironic:24.1.1
-
cpe:2.3:a:openstack:ironic:24.1.2
-
cpe:2.3:a:openstack:ironic:24.1.3
-
cpe:2.3:a:openstack:ironic:24.1.4
-
cpe:2.3:a:openstack:ironic:24.1.5
-
cpe:2.3:a:openstack:ironic:25.0.0
-
cpe:2.3:a:openstack:ironic:26.0.0
-
cpe:2.3:a:openstack:ironic:26.1.0
-
cpe:2.3:a:openstack:ironic:26.1.1
-
cpe:2.3:a:openstack:ironic:26.1.2
-
cpe:2.3:a:openstack:ironic:26.1.3
-
cpe:2.3:a:openstack:ironic:26.1.4
-
cpe:2.3:a:openstack:ironic:26.1.5
-
cpe:2.3:a:openstack:ironic:26.1.6
-
cpe:2.3:a:openstack:ironic:26.1.7
-
cpe:2.3:a:openstack:ironic:27.0.0
-
cpe:2.3:a:openstack:ironic:28.0.0
-
cpe:2.3:a:openstack:ironic:29.0.0
-
cpe:2.3:a:openstack:ironic:29.0.1
-
cpe:2.3:a:openstack:ironic:29.0.2
-
cpe:2.3:a:openstack:ironic:29.0.3
-
cpe:2.3:a:openstack:ironic:29.0.4
-
cpe:2.3:a:openstack:ironic:29.0.5
-
cpe:2.3:a:openstack:ironic:30.0.0
-
cpe:2.3:a:openstack:ironic:31.0.0
-
cpe:2.3:a:openstack:ironic:32.0.0
-
cpe:2.3:a:openstack:ironic:32.0.1
-
cpe:2.3:a:openstack:ironic:33.0.0
-
cpe:2.3:a:openstack:ironic:34.0.0
-
cpe:2.3:a:openstack:ironic:35.0.0
-
cpe:2.3:a:openstack:ironic:35.0.1