Lucene search
+L

6 matches found

Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.8 views

PT-2026-56468

Name of the Vulnerable Software and Affected Versions SeaweedFS versions prior to 4.34 Description The S3 API gateway fails to properly validate input in the X-Amz-Copy-Source header used by the CopyObject and UploadPartCopy functions. This improper validation allows the use of dot-dot path...

7.7CVSS6.1AI score0.00327EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/02/17 12:55 a.m.13 views

rgw: RGW DoS attack with empty HTTP header in S3 object copy

A flaw was found in Ceph RGW. Using the x-amz-copy-source header to upload an empty object will cause Ceph RGW to crash, leading to availability issues...

7.5CVSS5.7AI score0.0044EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.6 views

Astra Linux – Vulnerability in Ceph

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the x-amz-copy-source argument to copy an object and specifying an empty string as its content resulted in the RGW daemon crashing, leading to a DoS attack. As of the time of publication,...

7.5CVSS5.4AI score0.0044EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/11/12 6:28 p.m.4 views

CVE-2024-47866 RGW DoS attack with empty HTTP header in S3 object copy

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

7.5CVSS6.3AI score0.0044EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/12 6:28 p.m.6 views

EUVD-2024-55069

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

7.5CVSS5.9AI score0.0044EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/11/12 2:43 a.m.6 views

rgw: RGW DoS attack with empty HTTP header in S3 object copy

A flaw was found in Ceph RGW. Using the x-amz-copy-source header to upload an empty object will cause Ceph RGW to crash, leading to availability issues...

7.5CVSS5.7AI score0.0044EPSS
Exploits1References5
Rows per page
Query Builder