VYPR

PyPI package

ceph-deploy

pkg:pypi/ceph-deploy

Vulnerabilities (2)

  • CVE-2015-3010Jun 16, 2015
    affected < 1.5.23fixed 1.5.23

    ceph-deploy before 1.5.23 uses weak permissions (644) for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.

  • CVE-2015-4053Jun 8, 2015
    affected < 1.5.25fixed 1.5.25

    The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.