22 matches found
EulerOS 2.0 SP8 : ceph (EulerOS-SA-2022-1558)
According to the versions of the ceph packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential X...
Huawei EulerOS: Security Advisory for ceph (EulerOS-SA-2022-1558)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ceph-common (EulerOS-SA-2022-1157)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.6 : ceph-common (EulerOS-SA-2021-2897)
According to the versions of the ceph-common packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw cou...
Huawei EulerOS: Security Advisory for ceph-common (EulerOS-SA-2021-2897)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : ceph-common (EulerOS-SA-2021-2322)
According to the version of the ceph-common packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potenti...
Huawei EulerOS: Security Advisory for ceph-common (EulerOS-SA-2021-2322)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0930-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0962-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-202011-22] ceph: multiple issues
Arch Linux Security Advisory ASA-202011-22 ========================================== Severity: High Date : 2020-11-26 CVE-ID : CVE-2020-1759 CVE-2020-1760 CVE-2020-10753 CVE-2020-25660 Package : ceph Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1195 Summary =====...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 4.1 security and bug fix update
An update is now available for Red Hat Ceph Storage 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
Fedora: Security Advisory for ceph (FEDORA-2020-81b9c6cddc)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
FreeBSD : ceph14 -- multiple security issues (5b6bc863-89dc-11ea-af8b-00155d0a0200)
RedHat reports : ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions. ceph: header-splitting in RGW GetObject has a possible XSS. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBS...
CVE-2020-1760
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input...
CVE-2020-1760
CVE-2020-1760 affects Ceph RGW (Ceph Object Gateway): an anonymous S3 request can trigger cross-site scripting due to insufficient input neutralization. The issue is rooted in how untrusted input is handled in the RGW/ExposeHeader scenarios, enabling potential XSS when a path to a publicly readab...
openSUSE Security Update : ceph (openSUSE-2020-494)
This update for ceph fixes the following issues : - CVE-2020-1759: Fixed once reuse in msgr V2 secure mode bsc1166403 - CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting bsc1166484. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security,...
OPENSUSE-SU-2020:0494-1 Security update for ceph
This update for ceph fixes the following issues: - CVE-2020-1759: Fixed once reuse in msgr V2 secure mode bsc1166403 - CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting bsc1166484. This update was imported from the SUSE:SLE-15-SP1:Update update project...
Security update for ceph (important)
openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2020:0494-1 Rating: important References: 1166403 1166484 Cross-References: CVE-2020-1759 CVE-2020-1760 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description: Thi...
Debian: Security Advisory (DLA-2171-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2171-1] ceph security update
Package : ceph Version : 0.80.7-2+deb8u4 CVE ID : CVE-2020-1760 Debian Bug : 956142 It was discovered that there was a header-splitting vulnerability in ceph, a distributed storage and file system. For Debian 8 "Jessie", this issue has been fixed in ceph version 0.80.7-2+deb8u4. We recommend that...