CVE-2016-7031
Ceph RGW vulnerability CVE-2016-7031 affects Ceph before 10.0.1: when an authenticated-read ACL is applied to a bucket, an attacker can list bucket contents via a URL. Mitigation observed in connected advisories: Red Hat Ceph Storage 1.3.3 (RHSA-2016:1972) fixes this issue; Ubuntu USN-3452-1 list...