Explore top 10 tips to secure your open-source projects now. Read More
×
Mistral could be made to expose sensitive information or run code.
Software Description:
- mistral: OpenStack Workflow Service
Details:
Eduardo Gonzalez Gutierrez and Arnaud Morin discovered that Mistral
did not properly enforce access policies on some API endpoints. An
attacker could possibly execute arbitrary code on a Mistral worker and
possibly extract sensitive data including service credentials from it.
The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS mistral-api 22.0.0-0ubuntu1.1 mistral-common 22.0.0-0ubuntu1.1 mistral-engine 22.0.0-0ubuntu1.1 mistral-event-engine 22.0.0-0ubuntu1.1 mistral-executor 22.0.0-0ubuntu1.1 python3-mistral 22.0.0-0ubuntu1.1 Ubuntu 25.10 mistral-api 21.0.0-0ubuntu1.1 mistral-common 21.0.0-0ubuntu1.1 mistral-engine 21.0.0-0ubuntu1.1 mistral-event-engine 21.0.0-0ubuntu1.1 mistral-executor 21.0.0-0ubuntu1.1 python3-mistral 21.0.0-0ubuntu1.1 Ubuntu 24.04 LTS mistral-api 18.0.1-0ubuntu1.1 mistral-common 18.0.1-0ubuntu1.1 mistral-engine 18.0.1-0ubuntu1.1 mistral-event-engine 18.0.1-0ubuntu1.1 mistral-executor 18.0.1-0ubuntu1.1 python3-mistral 18.0.1-0ubuntu1.1 Ubuntu 22.04 LTS mistral-api 14.0.0-0ubuntu1.1 mistral-common 14.0.0-0ubuntu1.1 mistral-engine 14.0.0-0ubuntu1.1 mistral-event-engine 14.0.0-0ubuntu1.1 mistral-executor 14.0.0-0ubuntu1.1 python3-mistral 14.0.0-0ubuntu1.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-8422-1
CVE-2026-41283
Get the latest Linux and open source security news straight to your inbox.