{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74117?format=json","vulnerability_id":"VCID-bcmu-f24h-3yg9","summary":"In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing.","aliases":[{"alias":"CVE-2026-44916"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/196126?format=json","purl":"pkg:deb/debian/ironic@1:21.1.0-3%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:21.1.0-3%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/510524?format=json","purl":"pkg:deb/debian/ironic@1:29.0.5-0%2Bdeb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:29.0.5-0%252Bdeb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/99727?format=json","purl":"pkg:deb/debian/ironic@1:35.0.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:35.0.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99721?format=json","purl":"pkg:deb/debian/ironic@1:35.0.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ngq5-5br7-dyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:35.0.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076573?format=json","purl":"pkg:deb/debian/ironic@1:35.0.1-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:35.0.1-5%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/196124?format=json","purl":"pkg:deb/debian/ironic@1:16.0.3-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p25-2d9m-t3cp"},{"vulnerability":"VCID-3p7k-r1sj-4kcm"},{"vulnerability":"VCID-9dkb-kf24-xkdp"},{"vulnerability":"VCID-bcmu-f24h-3yg9"},{"vulnerability":"VCID-hwwu-hhkm-jkfa"},{"vulnerability":"VCID-jv92-qsda-dqhp"},{"vulnerability":"VCID-ngq5-5br7-dyaz"},{"vulnerability":"VCID-pqfj-a8pk-2fbx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:16.0.3-1"},{"url":"http://public2.vulnerablecode.io/api/packages/99720?format=json","purl":"pkg:deb/debian/ironic@1:16.0.3-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p25-2d9m-t3cp"},{"vulnerability":"VCID-3p7k-r1sj-4kcm"},{"vulnerability":"VCID-9dkb-kf24-xkdp"},{"vulnerability":"VCID-bcmu-f24h-3yg9"},{"vulnerability":"VCID-hwwu-hhkm-jkfa"},{"vulnerability":"VCID-jv92-qsda-dqhp"},{"vulnerability":"VCID-ngq5-5br7-dyaz"},{"vulnerability":"VCID-pqfj-a8pk-2fbx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:16.0.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/196125?format=json","purl":"pkg:deb/debian/ironic@1:21.1.0-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p25-2d9m-t3cp"},{"vulnerability":"VCID-3p7k-r1sj-4kcm"},{"vulnerability":"VCID-9dkb-kf24-xkdp"},{"vulnerability":"VCID-bcmu-f24h-3yg9"},{"vulnerability":"VCID-hwwu-hhkm-jkfa"},{"vulnerability":"VCID-jv92-qsda-dqhp"},{"vulnerability":"VCID-ngq5-5br7-dyaz"},{"vulnerability":"VCID-pqfj-a8pk-2fbx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:21.1.0-3"},{"url":"http://public2.vulnerablecode.io/api/packages/99718?format=json","purl":"pkg:deb/debian/ironic@1:21.1.0-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p25-2d9m-t3cp"},{"vulnerability":"VCID-3p7k-r1sj-4kcm"},{"vulnerability":"VCID-9dkb-kf24-xkdp"},{"vulnerability":"VCID-bcmu-f24h-3yg9"},{"vulnerability":"VCID-hwwu-hhkm-jkfa"},{"vulnerability":"VCID-jv92-qsda-dqhp"},{"vulnerability":"VCID-ngq5-5br7-dyaz"},{"vulnerability":"VCID-pqfj-a8pk-2fbx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:21.1.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/510523?format=json","purl":"pkg:deb/debian/ironic@1:29.0.0-7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p25-2d9m-t3cp"},{"vulnerability":"VCID-3p7k-r1sj-4kcm"},{"vulnerability":"VCID-bcmu-f24h-3yg9"},{"vulnerability":"VCID-hwwu-hhkm-jkfa"},{"vulnerability":"VCID-ngq5-5br7-dyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:29.0.0-7"},{"url":"http://public2.vulnerablecode.io/api/packages/99722?format=json","purl":"pkg:deb/debian/ironic@1:29.0.0-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2p25-2d9m-t3cp"},{"vulnerability":"VCID-3p7k-r1sj-4kcm"},{"vulnerability":"VCID-bcmu-f24h-3yg9"},{"vulnerability":"VCID-hwwu-hhkm-jkfa"},{"vulnerability":"VCID-ngq5-5br7-dyaz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ironic@1:29.0.0-7%3Fdistro=trixie"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44916","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01377","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01374","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01382","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01677","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-44916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44916"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136005","reference_id":"1136005","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136005"},{"reference_url":"https://bugs.launchpad.net/ironic/+bug/2148307","reference_id":"2148307","reference_type":"","scores":[{"value":"3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T12:50:26Z/"}],"url":"https://bugs.launchpad.net/ironic/+bug/2148307"},{"reference_url":"https://security.openstack.org/ossa/OSSA-2026-012.html","reference_id":"OSSA-2026-012.html","reference_type":"","scores":[{"value":"3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T12:50:26Z/"}],"url":"https://security.openstack.org/ossa/OSSA-2026-012.html"}],"weaknesses":[{"cwe_id":1336,"name":"Improper Neutralization of Special Elements Used in a Template Engine","description":"The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine."}],"exploits":[],"severity_range_score":"3.0 - 3.0","exploitability":"0.5","weighted_severity":"2.1","risk_score":1.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bcmu-f24h-3yg9"}