45 matches found
CVE-2023-44487
CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...
CVE-2023-48795
CVE-2023-48795 is referenced across several connected advisories, detailing affected packages and required upgrades. Astra Linux/CBL-Mariner entries note: podman (<5.6.1-2) needs upgrade, erlang (<25.2-1), libssh2 (<1.11.1-1), libssh (<0.10.6-1), terraform (<1.3.2-25), kubevirt (&l...
CVE-2023-0056
CVE-2023-0056 affects HAProxy and is described in connected advisories as an uncontrolled resource consumption DoS that can crash the service, including a scenario where an authenticated remote attacker could trigger a crafted server in an OpenShift cluster. The issue is associated with HAProxy’s...
CVE-2018-1128
CVE-2018-1128 describes a replay vulnerability in the Cephx authentication protocol where a packet sniffer on a Ceph cluster network can authenticate to Ceph services due to insufficient verification of clients. The issue affects the msgr2 protocol (used by most Ceph communication) and can compro...
CVE-2018-1129
CVE-2018-1129: A flaw in cephx signature calculation lets an attacker on a ceph cluster network alter payloads to bypass signature checks. Affected Ceph branches include master, mimic, luminous, and jewel. The initial description notes the vulnerability but does not provide a concrete patch versi...
CVE-2020-25660
The CVE-2020-25660 issue affects Cephx authentication in Ceph versions before 15.2.6 and before 14.2.14, where client verification can be bypassed, enabling replay attacks over the msgr2 protocol (affecting most Ceph communications; msgr1 is unaffected). An attacker with cluster-network access co...
CVE-2021-4048
CVE-2021-4048 is an out-of-bounds read in LAPACK routines CLARRV, DLARRV, SLARRV and ZLARRV (affecting LAPACK up to 3.10.0 and OpenBLAS up to 0.3.18). A crafted input may crash an application or disclose memory portions. Affected packages include lapack and OpenBLAS; some advisories (e.g., AlmaLi...
CVE-2019-14864
The connected documents confirm CVE-2019-14864 affects Ansible, specifically versions 2.9.x before 2.9.1, 2.8.x before 2.8.7, and 2.7.x before 2.7.15. The root cause is that the no_log flag is not respected when Sumologic and Splunk callback plugins are used to send task results to collectors, le...
CVE-2020-10753
CVE-2020-10753 affects Red Hat Ceph Storage RadosGW (Ceph Object Gateway). A newline in a CORS ExposeHeader tag in the CORS configuration can inject HTTP headers into responses, enabling header injection during CORS requests. The issue is reported for Ceph RGW in versions 3.x and 4.x (with relate...
CVE-2020-27781
CVE-2020-27781 affects Ceph and specifically allows privilege escalation via Native CephFS consumers of OpenStack Manila. An OpenStack Manila user can request access to a share for an arbitrary cephx user; the interface drivers reveal the access key, enabling all users in the requesting project t...
CVE-2020-1712
CVE-2020-1712 affects systemd; a heap use-after-free occurs when asynchronous Polkit queries are performed while handling dbus messages. Local unprivileged attackers can crash systemd services or potentially execute code to elevate privileges by sending crafted dbus messages. Public details acros...
CVE-2021-3509
Affects Red Hat Ceph Storage 4 dashboard (ceph-dashboard). The root cause is storage of the JWT for user authentication in the browser (localStorage), which exposes tokens to XSS risks. This is described in connected advisories for Ceph-derived distributions (Astral/Linux security bulletins and M...
CVE-2019-10222
CVE-2019-10222 affects Ceph RGW when Beast front-end handles requests: an unauthenticated attacker can crash the RGW server by sending valid HTTP headers and terminating the connection, yielding a remote DoS for Ceph RGW clients. Public references in Debian/SUSE/Nessus disclosures confirm the iss...
CVE-2018-10875
CVE-2018-10875 affects Ansible where ansible.cfg is read from the current working directory, allowing an attacker to influence the plugin/module path and potentially execute arbitrary code. The issue arises because the CWD can be manipulated to point to controlled code. Red Hat/Ubuntu/openSUSE ad...
CVE-2020-1760
CVE-2020-1760 affects Ceph RGW (Ceph Object Gateway): an anonymous S3 request can trigger cross-site scripting due to insufficient input neutralization. The issue is rooted in how untrusted input is handled in the RGW/ExposeHeader scenarios, enabling potential XSS when a path to a publicly readab...
CVE-2021-3524
This CVE-2021-3524 affects Red Hat Ceph Storage RadosGW (Ceph Object Gateway) prior to 14.2.21. The root cause is a CORS ExposeHeader tag handling that allows HTTP header injection via newline characters in the ExposeHeader (and earlier fixes did not address \r as a header separator). Impact is p...
CVE-2021-3531
CVE-2021-3531 affects Red Hat Ceph Storage RGW: in Ceph RGW versions before 14.2.21, processing a GET request for a swift URL that ends with two slashes can crash the rgw, causing a denial of service (availability impact). Connected documents show multiple advisories and vendor patches (e.g., Fed...
CVE-2019-14905
The CVE-2019-14905 issue affects Ansible Engine’s nxos_file_copy module, where the filename parameter could be crafted to inject OS commands on NXOS devices. This is a local attack with potential confidentiality, integrity, and availability impacts as described (loss of confidentiality, etc.). Af...
CVE-2018-10861
CVE-2018-10861 describes an authorization issue in Ceph Monitor (ceph-mon) where any authenticated Ceph user with read access can delete, create Ceph storage pools, and corrupt snapshot images. Affected releases include Ceph branches master, mimic, luminous, and jewel. The impact is the ability t...
CVE-2020-25678
CVE-2020-25678 affects Ceph (versions prior to 16.y.z) where mgr module passwords are stored in clear text. The issue can be observed by grepping mgr logs for grafana/dashboard and is described as an information disclosure vulnerability. Publicly documented in multiple advisories (Ubuntu USN-4998...
CVE-2018-14662
CVE-2018-14662 affects Ceph up to version 13.2.3 (pre-13.2.4). The vulnerability allows authenticated Ceph users with read-only permissions to steal dm-crypt encryption keys used for Ceph disk encryption. This is the underlying flaw reported across multiple advisories and repository releases (not...
CVE-2018-16846
CVE-2018-16846 affects Ceph versions before 13.2.4. Authenticated Ceph RGW users can cause a denial of service against OMAPs holding bucket indices. The issue is triggered by actions performed by RGW users with read/write permissions, as described in the CVE entry and corroborated by multiple adv...
CVE-2019-14859
CVE-2019-14859 affects the Python library python-ecdsa. A flaw exists in all versions before 0.13.3 where signatures are not properly verified for DER encoding, allowing a malformed signature to be accepted and making signatures malleable. This could enable an attacker to use a malleable signatur...
CVE-2021-20288
Ceph CVE-2021-20288 is an authentication flaw in Ceph before certain fixed releases. The root cause is that CEPHX_GET_AUTH_SESSION_KEY handling does not sanitize other_keys, allowing reuse of old keys when a global_id is requested, enabling a user to leverage a global_id previously associated wit...
CVE-2020-25626
CVE-2020-25626 affects Django REST Framework (DRF) with versions prior to 3.12.0 and prior to 3.11.2. The flaw is an improper escape of certain user-controlled strings in the browseable API viewer, allowing injection of script tags (XSS). Impact is limited to cases where attackers can influence t...
CVE-2020-14365
CVE-2020-14365 affects the Ansible Engine (ansible-engine 2.8.x before 2.8.15; 2.9.x before 2.9.13). When using the dnf module, GPG signatures are ignored during installation if disable_gpg_check is False, allowing potentially malicious packages to be installed and their installation scripts to e...
CVE-2020-10685
CVE-2020-10685 affects Ansible Engine versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, 2.9.x before 2.9.7, and Ansible Tower up to 3.6.3, when using vault-decrypting modules (assemble, script, unarchive, win_copy, aws_s3, copy). A temporary directory is created in /tmp and left unencrypted; on ...
CVE-2020-1759
CVE-2020-1759 affects Red Hat Ceph Storage 4 and Red Hat OpenShift Container Storage 4.2, where the secure mode of the messenger v2 protocol (msgr2) allows nonce reuse. This enables forging authentication tags and can lead to confidentiality and integrity problems in sessions when a nonce is reus...
CVE-2018-19039
Grafana CVE-2018-19039 affects Grafana before 4.6.5 and 5.x before 5.3.3, allowing remote authenticated users with Editor or Admin perms to read arbitrary files. Root cause is a file-read exposure via dashboards/editors. Upgrading to Grafana 4.6.5 or 5.3.3+ mitigates the issue; check vendor advis...
CVE-2022-26148
Grafana (through 7.3.4) integrated with Zabbix contains a credentials disclosure flaw: the Zabbix password and URL can be exposed by inspecting api_jsonrpc.php in the HTML source after login/registration, enabling an attacker with access to the app to obtain sensitive Zabbix credentials. Root cau...
CVE-2020-1699
CVE-2020-1699 affects Ceph’s dashboard in upstream Ceph v14.2.5, v14.2.6, and v15.0.0, enabling information disclosure via a path traversal flaw. It is fixed in v14.2.7 and v15.1.0. The vulnerability is exploitable by an unauthenticated attacker and could reveal host-machine information running t...
CVE-2020-12458
Grafana CVE-2020-12458: An information-disclosure flaw exists through Grafana 6.7.3 where the database directory /var/lib/grafana and /var/lib/grafana/grafana.db are world-readable, potentially exposing sensitive datasource passwords. Public advisories (e.g., ALINUX3-SA-2021:0073, RHSA/CESA entri...
CVE-2021-20236
CVE-2021-20236 affects the ZeroMQ server (libzmq) prior to version 4.3.3. A crafted topic subscription request followed by unsubscribe can trigger a stack-based overflow on the server, impacting confidentiality, integrity, and availability. The vulnerability is confirmed across multiple sources (...
CVE-2021-3979
CVE-2021-3979 concerns a key length flaw in Ceph Storage (Red Hat Ceph Storage). The attacker could exploit incorrect key length handling to produce non-random keys, potentially weakening confidentiality and integrity of encrypted disks. The connected advisories confirm this vulnerability within ...
CVE-2022-0670
CVE-2022-0670 affects Ceph/Manailla integration for OpenStack CephFS shares via the volumes plugin in Ceph Manager. The root cause is a bug in the volumes plugin that lets the share owner read/write any Manila share or the entire filesystem, compromising confidentiality and integrity. Remediation...
CVE-2019-19337
CVE-2019-19337 affects Red Hat Ceph Storage 3, where the Ceph RADOS Gateway (RGW) daemon mishandles S3 requests. An authenticated attacker can trigger a remote denial of service by sending a crafted HTTP Content-Length header, impacting RGW availability. Public advisories (RHSA-2019:4353, RHSA-20...
CVE-2018-1059
The CVE concerns the DPDK vhost-user interface, where Guest Physical Addresses to Host Virtual Addresses translations do not verify that the requested guest physical range is fully mapped and contiguous. This can expose vhost-user backend memory to a malicious guest. The vulnerability affects all...
CVE-2018-15727
CVE-2018-15727 concerns Grafana authentication bypass via a crafted remember-me cookie when only a LDAP/OAuth username is known. Affected releases include Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3. Multiple connected advisories confirm fixes: Red Hat advisories (RHSA-2018:3829, ...
CVE-2016-9579
The CVE-2016-9579 flaw affects Ceph Object Gateway when CORS is configured to allow origins on a bucket. A remote unauthenticated attacker could trigger a denial-of-service by sending specially crafted cross-origin requests. Affected Ceph branches are 1.3.x and 2.x. Connected sources confirm this...
CVE-2020-25677
CVE-2020-25677 affects Ceph-ansible v4.0.41, where /etc/ceph/iscsi-gateway.conf is created with insecure default permissions, allowing any local user to read sensitive information. The issue is tied to insecure ownership/permissions of the iscsi-gateway.conf file (cited in Red Hat’s RHSA-2021:008...
CVE-2018-14649
Summary of CVE-2018-14649 : The ceph-isci-cli package in Red Hat Ceph Storage versions 2 and 3 runs the rbd-target-api Python app with Werkzeug in debug mode, exposing an unauthenticated debug shell. This allows remote command execution with the privileges of the running process (often root) via ...
CVE-2025-14874
Nodemailer CVE-2025-14874 is a DoS vulnerability in the Nodemailer library where a crafted email address header triggers infinite recursion in the address parser. Affected product: Nodemailer (Node.js). Root cause: address parser recursion leading to denial of service. Impact: high availability l...
CVE-2022-3854
CVE-2022-3854: Ceph vulnerability in RGW URL processing allows an attacker to crash RGW by sending a null URL, causing DoS. Multiple connected docs corroborate the issue across Ceph deployments (RGW backend URL handling). Remediation is to upgrade Ceph to versions containing the fix (per SUSE RHC...
CVE-2016-7031
Ceph RGW vulnerability CVE-2016-7031 affects Ceph before 10.0.1: when an authenticated-read ACL is applied to a bucket, an attacker can list bucket contents via a URL. Mitigation observed in connected advisories: Red Hat Ceph Storage 1.3.3 (RHSA-2016:1972) fixes this issue; Ubuntu USN-3452-1 list...
CVE-2025-13601
CVE-2025-13601 affects GLib’s g_escape_uri_string() where an integer overflow in buffer size calculation can cause a heap-based overflow when escaping strings with many invalid characters. Consequences are described as potential write past the end of the allocated buffer, leading to memory corrup...