PyPI package
ceph-deploy
pkg:pypi/ceph-deploy
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-3010 | — | < 1.5.23 | 1.5.23 | Jun 16, 2015 | ceph-deploy before 1.5.23 uses weak permissions (644) for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file. | ||
| CVE-2015-4053 | — | < 1.5.25 | 1.5.25 | Jun 8, 2015 | The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file. |
- CVE-2015-3010Jun 16, 2015affected < 1.5.23fixed 1.5.23
ceph-deploy before 1.5.23 uses weak permissions (644) for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.
- CVE-2015-4053Jun 8, 2015affected < 1.5.25fixed 1.5.25
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.