Lucene search
K

64 matches found

RedHat Linux
RedHat Linux
added 2018/07/26 3:35 p.m.75 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 2.5 security, enhancement, and bug fix update

An update for ceph is now available for Red Hat Ceph Storage 2.5 for Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.6AI score0.03249EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2018/06/06 12:0 a.m.30 views

RHEL 7 : Red Hat Ceph Storage (RHSA-2016:2815)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2815 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a...

6.8CVSS6.7AI score0.0231EPSS
Exploits0References63
RedHat Linux
RedHat Linux
added 2016/12/21 4:52 p.m.41 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 1.3 security update

An update is now available for Red Hat Ceph Storage 1.3. This erratum is for Red Hat Ceph Storage that runs on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

7.5CVSS6.9AI score0.04396EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2016/12/15 6:2 p.m.40 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 2.1 security and bug fix update

An update is now available for Red Hat Ceph Storage 2.1. This erratum is for Red Hat Ceph Storage that runs on Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

7.5CVSS6.9AI score0.04396EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2016/12/15 4:49 p.m.6 views

ceph: Object Gateway server DoS by sending invalid cross-origin HTTP request

A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request...

7.5CVSS5.8AI score0.04396EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/12/15 4:49 p.m.42 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 2.1 security and bug fix update

An update is now available for Red Hat Ceph Storage 2.1. This erratum is for Red Hat Ceph Storage that runs on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

7.5CVSS6.9AI score0.04396EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2016/12/12 12:0 a.m.20 views

CVE-2016-9579

A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches...

7.5CVSS6.8AI score0.04396EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2016/12/01 9:38 p.m.2 views

Ceph: RGW Denial of Service by sending null or specially crafted POST object requests

A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests...

6.8CVSS5.8AI score0.0231EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/11/22 7:22 p.m.36 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage security, bug fix, and enhancement update

An update is now available for Red Hat Ceph Storage 2.1 that fix one security issue, multiple bugs, and add various enhancements. This erratum is applicable for Red Hat Ceph Storage that runs on Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. ...

6.8CVSS6.7AI score0.0231EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2016/10/27 7:47 a.m.21 views

CVE-2016-8626

A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests...

6.8CVSS2AI score0.0231EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/09 12:0 a.m.5 views

Red Hat Ceph RGW Information Disclosure Vulnerability

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system based on POSIX Portable Operating System Interface without a single point of failure, so that data can be fault-tolerant and seamless replication...

7.5CVSS6.5AI score0.01751EPSS
Exploits1References1
OSV
OSV
added 2016/10/03 6:59 p.m.5 views

DEBIAN-CVE-2016-7031

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL...

7.5CVSS6.1AI score0.01751EPSS
Exploits1References1
myhack58
myhack58
added 2015/12/07 12:0 a.m.17 views

The Ceph Object Gateway CRLF Vulnerability(CVE-2 0 1 5-5 2 4 5)-vulnerability warning-the black bar safety net

CVECAN ID: CVE-2 0 1 5-5 2 4 5 The Ceph Object Gateway is constructed in the librados on top of the object storage interface, you can make the application through a RESTful gateway to access the distributed storage system Ceph Storage Clusters. Ceph 0.94.4 before the version, Ceph Object Gateway,...

1.3AI score
Exploits0
CNVD
CNVD
added 2015/12/04 12:0 a.m.6 views

Ceph Object Gateway CRLF Vulnerability

Ceph Object Gateway is an object storage interface built on top of librados that enables applications to access Ceph Storage Clusters, a distributed storage system, through a RESTful gateway. A CRLF injection vulnerability exists in Ceph Object Gateway versions prior to 0.94.4, where a remote...

4.3CVSS7AI score0.01907EPSS
Exploits0References1
NVD
NVD
added 2015/12/03 8:59 p.m.33 views

CVE-2015-5245

CRLF injection vulnerability in the Ceph Object Gateway aka radosgw or RGW in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name...

4.3CVSS6.7AI score0.01907EPSS
Exploits0References3
OSV
OSV
added 2015/12/03 8:59 p.m.8 views

CVE-2015-5245

CRLF injection vulnerability in the Ceph Object Gateway aka radosgw or RGW in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name...

6.6AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/12/03 8:59 p.m.25 views

CVE-2015-5245

CRLF injection vulnerability in the Ceph Object Gateway aka radosgw or RGW in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name...

4.3CVSS6.8AI score0.01907EPSS
Exploits0References1
OSV
OSV
added 2015/12/03 8:59 p.m.7 views

UBUNTU-CVE-2015-5245

CRLF injection vulnerability in the Ceph Object Gateway aka radosgw or RGW in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name...

4.3CVSS6.8AI score0.01907EPSS
Exploits0References2
CVE
CVE
added 2015/12/03 8:0 p.m.88 views

CVE-2015-5245

Ceph Object Gateway (RGW) is affected by a CRLF injection vulnerability caused by improper validation of user-supplied input. This allows a remote attacker to inject arbitrary HTTP headers and conduct HTTP response splitting via a crafted bucket name, affecting Ceph versions before 0.94.4. Remedi...

4.3CVSS6.8AI score0.01907EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/12/03 8:0 p.m.26 views

CVE-2015-5245

CRLF injection vulnerability in the Ceph Object Gateway aka radosgw or RGW in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name...

6.7AI score0.01907EPSS
Exploits0References3
Rows per page
Query Builder