CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в ceph

A flaw was discovered in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability relates to the injection of HTTP headers via the CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file causes a header injectio...

6.5CVSS6.6AI score0.00857EPSS

Exploits0References1

OpenVAS•added 2023/01/09 12:0 a.m.•29 views

Huawei EulerOS: Security Advisory for ceph-common (EulerOS-SA-2023-1058)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.00857EPSS

Exploits0References2

Tenable Nessus•added 2023/01/06 12:0 a.m.•37 views

EulerOS Virtualization 3.0.2.6 : ceph-common (EulerOS-SA-2023-1058)

According to the versions of the ceph-common packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of...

6.5CVSS6.1AI score0.00857EPSS

Exploits0References3

Tenable Nessus•added 2022/05/27 12:0 a.m.•42 views

EulerOS 2.0 SP3 : ceph-common (EulerOS-SA-2022-1708)

According to the versions of the ceph-common packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via...

6.5CVSS6.2AI score0.00857EPSS

Exploits0References3

RedHat Linux•added 2022/05/05 7:56 a.m.•3 views

gateway: radosgw: CRLF injection

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when makin...

6.5CVSS5.7AI score0.00857EPSS

Exploits0References4

OpenVAS•added 2022/04/25 12:0 a.m.•28 views

Huawei EulerOS: Security Advisory for ceph-common (EulerOS-SA-2022-1525)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7AI score0.00857EPSS

Exploits0References2

Tenable Nessus•added 2021/08/09 12:0 a.m.•56 views

EulerOS 2.0 SP8 : ceph (EulerOS-SA-2021-2288)

According to the versions of the ceph packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two...

6.5CVSS6.2AI score0.00857EPSS

Exploits0References3

Tenable Nessus•added 2021/07/16 12:0 a.m.•40 views

openSUSE 15 Security Update : ceph (openSUSE-SU-2021:1834-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1834-1 advisory. - A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from...

6.5CVSS6.1AI score0.00857EPSS

Exploits1References10

OpenVAS•added 2021/06/09 12:0 a.m.•24 views

SUSE: Security Advisory (SUSE-SU-2020:1747-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.00428EPSS

Exploits0References2

Veracode•added 2021/05/23 6:5 a.m.•37 views

Cross-Site Scripting (XSS)

ceph is vulnerable to cross-site scripting. The vulnerability exists due to a flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the...

6.5CVSS6AI score0.00857EPSS

Exploits0References10Affected Software6

OSV•added 2021/05/17 5:15 p.m.•1 views

DEBIAN-CVE-2021-3524

A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection...

6.5CVSS6AI score0.00857EPSS

Exploits0References1

OSV•added 2021/05/17 5:15 p.m.•28 views

CVE-2021-3524

6.5CVSS6.7AI score

Exploits0References6

NVD•added 2021/05/17 5:15 p.m.•23 views

CVE-2021-3524

6.5CVSS0.00857EPSS

Exploits0References6

OSV•added 2021/05/17 5:15 p.m.•0 views

UBUNTU-CVE-2021-3524

6.5CVSS6.4AI score0.00857EPSS

Exploits0References5

Prion•added 2021/05/17 5:15 p.m.•32 views

Design/Logic Flaw

4.3CVSS6.5AI score0.00857EPSS

Exploits0References6Affected Software4

AlpineLinux•added 2021/05/17 12:0 a.m.•66 views

CVE-2021-3524

6.5CVSS7AI score0.00857EPSS

Exploits0

CNNVD•added 2021/05/17 12:0 a.m.•1 views

Red Hat Ceph Storage 注入漏洞

Red Hat Ceph Storage is a suite of scalable, open software-defined storage platforms from Red Hat USA. An injection vulnerability exists in Red Hat Ceph Storage RadosGW prior to version 14.2.21, which stems from a line break in the ExposeHeader tag in the CORS configuration file that generates a...

6.5CVSS6.5AI score0.00857EPSS

Exploits0References16