Mageia: Security Advisory (MGASA-2025-0333)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TencentOS Server 4: ceph (TSSA-2025:0506)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0506 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

AZL-70058 CVE-2024-47866 affecting package ceph for versions less than 18.2.2-12

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

CVE-2024-47866

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

CVE-2024-47866

CVE-2024-47866 affects Ceph RGW: using x-amz-copy-source with an empty string as object content can crash RGW and cause DoS in Ceph versions up to 19.2.3. Public details confirm impact is a denial of service; no patch in initial disclosure. Some connected advisories note fixes or mitigations in d...

CVE-2024-47866

A flaw was found in Ceph RGW. Using the x-amz-copy-source header to upload an empty object will cause Ceph RGW to crash, leading to availability issues. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteri...

PT-2025-46556

Name of the Vulnerable Software and Affected Versions Ceph affected versions not specified Description A denial-of-service issue exists in Ceph’s RGW component due to improper input validation. Specifically, providing an empty string as the content for the x-amz-copy-source argument when putting ...

EUVD-2019-13444

Malware in sbrugna...

EUVD-2019-2235

Malware in sbrugna...

EUVD-2021-26847

Malware in sbrugna...

EUVD-2016-7916

Malware in sbrugna...

EUVD-2020-4375

Malware in sbrugna...

EUVD-2020-12556

Malware in sbrugna...

EUVD-2023-47461

Malicious code in bioql PyPI...

EUVD-2022-43194

Malicious code in bioql PyPI...

Debian dla-4310 : ceph - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4310 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4310-1 [email protected]...

Linux Distros Unpatched Vulnerability : CVE-2021-3531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cau...

CBL Mariner 2.0 Security Update: ceph (CVE-2023-43040)

The version of ceph installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43040 advisory. - IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for...

CBL Mariner 2.0 Security Update: ceph (CVE-2022-3854)

The version of ceph installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3854 advisory. - A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL...

AZL-40646 CVE-2023-43040 affecting package ceph for versions less than 16.2.10-4

IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807...