rpm package
suse/ceph&distro=SUSE OpenStack Cloud Crowbar 8
pkg:rpm/suse/ceph&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-10753 | — | < 12.2.13+git.1592168685.85110a3e9d-2.50.1 | 12.2.13+git.1592168685.85110a3e9d-2.50.1 | Jun 26, 2020 | A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the | ||
| CVE-2020-12059 | — | < 12.2.12+git.1587570958.35d78d0243-2.45.1 | 12.2.12+git.1587570958.35d78d0243-2.45.1 | Apr 22, 2020 | An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception. |
- CVE-2020-10753Jun 26, 2020affected < 12.2.13+git.1592168685.85110a3e9d-2.50.1fixed 12.2.13+git.1592168685.85110a3e9d-2.50.1
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the
- CVE-2020-12059Apr 22, 2020affected < 12.2.12+git.1587570958.35d78d0243-2.45.1fixed 12.2.12+git.1587570958.35d78d0243-2.45.1
An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception.