10 matches found
Astra Linux - уязвимость в ceph
A flaw was discovered in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability relates to the injection of HTTP headers via the CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file causes a header injectio...
Astra Linux - уязвимость в ceph
A flaw was discovered in the Red Hat Ceph Storage RGW in versions prior to 14.2.21. When processing a GET request for a swift URL that ends with two slashes, it can cause the rgw component to crash, resulting in a denial of service. The most significant threat to the system is its availability...
Linux Distros Unpatched Vulnerability : CVE-2021-3531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cau...
GHSA-7M27-7GHC-44W9 Next.js Allows a Denial of Service (DoS) with Server Actions
Impact A Denial of Service DoS attack allows attackers to construct requests that leaves requests to Server Actions hanging until the hosting provider cancels the function execution. Note: Next.js server is idle during that time and only keeps the connection open. CPU and memory footprint are low...
SUSE CVE-2021-3531
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability...
Ceph: Multiple vulnerabilities
Background Ceph is a distributed network file system designed to provide excellent performance, reliability, and scalability. Description Multiple vulnerabilities have been discovered in Ceph. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...
DEBIAN-CVE-2021-3524
A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...
Red Hat Ceph Storage 注入漏洞
Red Hat Ceph Storage is a suite of scalable, open software-defined storage platforms from Red Hat USA. An injection vulnerability exists in Red Hat Ceph Storage RadosGW prior to version 14.2.21, which stems from a line break in the ExposeHeader tag in the CORS configuration file that generates a...
PT-2021-3604 · Red Hat +5 · Red Hat Ceph Storage Radosgw +5
Name of the Vulnerable Software and Affected Versions: Red Hat Ceph Storage RadosGW Ceph Object Gateway versions prior to 14.2.21 Description: A flaw was found in the Red Hat Ceph Storage RadosGW related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the...
PT-2021-5463 · Red Hat +5 · Red Hat Ceph Storage +5
Name of the Vulnerable Software and Affected Versions: Red Hat Ceph Storage RGW versions prior to 14.2.21 Description: The issue is related to incorrect handling of a URL that ends with two slashes, which can cause the system to crash, resulting in a denial of service. This can be exploited by a...