SUSE CVE-2021-3531

A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability...

DEBIAN-CVE-2021-3524

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...

Red Hat Ceph Storage 注入漏洞

Red Hat Ceph Storage is a suite of scalable, open software-defined storage platforms from Red Hat USA. An injection vulnerability exists in Red Hat Ceph Storage RadosGW prior to version 14.2.21, which stems from a line break in the ExposeHeader tag in the CORS configuration file that generates a...

PT-2021-3604 · Red Hat +5 · Red Hat Ceph Storage Radosgw +5

Name of the Vulnerable Software and Affected Versions: Red Hat Ceph Storage RadosGW Ceph Object Gateway versions prior to 14.2.21 Description: A flaw was found in the Red Hat Ceph Storage RadosGW related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the...

PT-2021-5463 · Red Hat +5 · Red Hat Ceph Storage +5

Name of the Vulnerable Software and Affected Versions: Red Hat Ceph Storage RGW versions prior to 14.2.21 Description: The issue is related to incorrect handling of a URL that ends with two slashes, which can cause the system to crash, resulting in a denial of service. This can be exploited by a...