rpm package
suse/ceph-test&distro=SUSE Enterprise Storage 3
pkg:rpm/suse/ceph-test&distro=SUSE%20Enterprise%20Storage%203
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9579 | — | < 10.2.10+git.1510313171.6d5f0aeac1-13.7.2 | 10.2.10+git.1510313171.6d5f0aeac1-13.7.2 | Aug 1, 2018 | A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP reque | ||
| CVE-2016-8626 | — | < 10.2.5+git.1485186288.4e3c6c4-12.2 | 10.2.5+git.1485186288.4e3c6c4-12.2 | Jul 31, 2018 | A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests. | ||
| CVE-2017-7519 | — | < 10.2.10+git.1510313171.6d5f0aeac1-13.7.2 | 10.2.10+git.1510313171.6d5f0aeac1-13.7.2 | Jul 27, 2018 | In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library. |
- CVE-2016-9579Aug 1, 2018affected < 10.2.10+git.1510313171.6d5f0aeac1-13.7.2fixed 10.2.10+git.1510313171.6d5f0aeac1-13.7.2
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP reque
- CVE-2016-8626Jul 31, 2018affected < 10.2.5+git.1485186288.4e3c6c4-12.2fixed 10.2.5+git.1485186288.4e3c6c4-12.2
A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.
- CVE-2017-7519Jul 27, 2018affected < 10.2.10+git.1510313171.6d5f0aeac1-13.7.2fixed 10.2.10+git.1510313171.6d5f0aeac1-13.7.2
In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library.