Lucene search
+L

24 matches found

nessus
nessus
added 2023/01/06 12:0 a.m.38 views

EulerOS Virtualization 3.0.2.6 : ceph-common (EulerOS-SA-2023-1058)

According to the versions of the ceph-common packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of...

6.5CVSS6.1AI score0.01619EPSS
Exploits0References3
nessus
nessus
added 2022/05/27 12:0 a.m.43 views

EulerOS 2.0 SP3 : ceph-common (EulerOS-SA-2022-1708)

According to the versions of the ceph-common packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via...

6.5CVSS6.2AI score0.01619EPSS
Exploits0References3
openvas
openvas
added 2022/05/25 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for ceph-common (EulerOS-SA-2022-1708)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7AI score0.01619EPSS
Exploits0References2
openvas
openvas
added 2022/04/25 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for ceph-common (EulerOS-SA-2022-1525)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7AI score0.01619EPSS
Exploits0References2
nessus
nessus
added 2022/04/25 12:0 a.m.38 views

EulerOS 2.0 SP5 : ceph-common (EulerOS-SA-2022-1525)

According to the versions of the ceph-common packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via...

6.5CVSS6.2AI score0.01619EPSS
Exploits0References3
openvas
openvas
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2020:1747-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01619EPSS
Exploits0References2
veracode
veracode
added 2021/05/23 6:5 a.m.39 views

Cross-Site Scripting (XSS)

ceph is vulnerable to cross-site scripting. The vulnerability exists due to a flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the...

6.5CVSS6AI score0.01619EPSS
Exploits0References10Affected Software6
prion
prion
added 2021/05/17 5:15 p.m.36 views

Design/Logic Flaw

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...

4.3CVSS6.5AI score0.01619EPSS
Exploits0References6Affected Software4
debiancve
debiancve
added 2021/05/17 12:0 a.m.44 views

CVE-2021-3524

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...

6.5CVSS7.1AI score0.01612EPSS
Exploits0
alpinelinux
alpinelinux
added 2021/05/17 12:0 a.m.89 views

CVE-2021-3524

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...

6.5CVSS7AI score0.01612EPSS
Exploits0
openvas
openvas
added 2021/02/02 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for ceph (EulerOS-SA-2021-1136)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.9AI score0.01619EPSS
Exploits0References2
openvas
openvas
added 2021/01/29 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-4706-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.01619EPSS
Exploits0References2
ubuntu
ubuntu
added 2021/01/28 1:40 p.m.204 views

USN-4706-1: Ceph vulnerabilities

Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. CVE-2020-10736 Adam Mohammed found...

8.8CVSS6.9AI score0.01619EPSS
Exploits0
osv
osv
added 2021/01/28 1:40 p.m.10 views

USN-4706-1 ceph vulnerabilities

Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. CVE-2020-10736 Adam Mohammed found...

8.8CVSS6.9AI score0.01619EPSS
Exploits0References4
archlinux
archlinux
added 2020/11/26 12:0 a.m.174 views

[ASA-202011-22] ceph: multiple issues

Arch Linux Security Advisory ASA-202011-22 ========================================== Severity: High Date : 2020-11-26 CVE-ID : CVE-2020-1759 CVE-2020-1760 CVE-2020-10753 CVE-2020-25660 Package : ceph Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1195 Summary =====...

8.8CVSS0.1AI score0.01619EPSS
Exploits0References25
redhat
redhat
added 2020/08/18 6:2 p.m.72 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.3 Security update

An update is now available for Red Hat Ceph Storage 3.3 on Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

6.5CVSS6.9AI score0.01619EPSS
Exploits0References2
nessus
nessus
added 2020/08/18 12:0 a.m.70 views

RHEL 7 : Red Hat Ceph Storage 3.3 (RHSA-2020:3504)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3504 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a...

6.5CVSS7.1AI score0.01619EPSS
Exploits0References20
nessus
nessus
added 2020/08/18 12:0 a.m.37 views

FreeBSD : ceph14 -- HTTP header injection via CORS ExposeHeader tag (f20eb9a4-dfea-11ea-a9b8-9c5c8e84d621)

Red Hat bugzilla reports : A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...

6.5CVSS6.8AI score0.01619EPSS
Exploits0References4
redhat
redhat
added 2020/07/20 2:23 p.m.102 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 4.1 security and bug fix update

An update is now available for Red Hat Ceph Storage 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

6.5CVSS6.8AI score0.01619EPSS
Exploits0References49
nessus
nessus
added 2020/07/09 12:0 a.m.41 views

SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2020:1747-1)

This update for ceph fixes the following issues : CVE-2020-10753: Fixed an HTTP header injection via CORS ExposeHeader tag bsc1171921. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

6.5CVSS7AI score0.01619EPSS
Exploits0References4
Rows per page
Query Builder