6 matches found
Denial Of Service (DoS)
ceph is vulnerable to denial of service. A NULL pointer exception allows an attacker to crash the RGW process via a malicious tagging XML...
CVE-2020-12059
A flaw was found in the Ceph Object Gateway S3 API, where it did not properly validate the POST requests. This flaw allows an attacker to perform a denial of service attack using a malicious POST request with specially crafted XML payload, leading to a crash of the RGW process. Mitigation...
CVE-2020-12059
An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception...
CVE-2020-12059
An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception...
CVE-2020-12059
An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception...
CVE-2020-12059
CVE-2020-12059 affects Ceph RGW; up to Ceph 13.2.9, a POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception, causing a Denial of Service. Debian and Red Hat advisories confirm fixes: Debian 10 (buster) patched via ceph 12.2.11+dfsg1-2.1+deb10u1,...