rpm package
suse/ceph&distro=SUSE Linux Enterprise Micro 5.3
pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3854 | — | < 16.2.11.58+g38d6afd3b78-150400.3.6.1 | 16.2.11.58+g38d6afd3b78-150400.3.6.1 | Mar 6, 2023 | A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service. | ||
| CVE-2022-3650 | — | < 16.2.11.58+g38d6afd3b78-150400.3.6.1 | 16.2.11.58+g38d6afd3b78-150400.3.6.1 | Jan 17, 2023 | A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information. | ||
| CVE-2022-0670 | — | < 16.2.11.58+g38d6afd3b78-150400.3.6.1 | 16.2.11.58+g38d6afd3b78-150400.3.6.1 | Jul 25, 2022 | A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality |
- CVE-2022-3854Mar 6, 2023affected < 16.2.11.58+g38d6afd3b78-150400.3.6.1fixed 16.2.11.58+g38d6afd3b78-150400.3.6.1
A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.
- CVE-2022-3650Jan 17, 2023affected < 16.2.11.58+g38d6afd3b78-150400.3.6.1fixed 16.2.11.58+g38d6afd3b78-150400.3.6.1
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.
- CVE-2022-0670Jul 25, 2022affected < 16.2.11.58+g38d6afd3b78-150400.3.6.1fixed 16.2.11.58+g38d6afd3b78-150400.3.6.1
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality