VYPR

Ceph

by Ceph

CVEs (29)

  • CVE-2024-48916 (High), Jul 30, 2025
    risk 0.53, cvss 8.1, epss 0.00

    Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send a JWT that has "none" as its JWT alg, and by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of…

  • CVE-2016-7031 (High), Oct 3, 2016
    risk 0.49, cvss 7.5, epss 0.02

    The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL.

  • CVE-2017-16818 (Medium), Dec 20, 2017
    risk 0.42, cvss 6.5, epss 0.02

    RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging "full" (not necessarily admin) privileges to post an invalid profile to the admin API, related to…

  • CVE-2016-5009 (Medium), Jul 12, 2016
    risk 0.42, cvss 6.5, epss 0.02

    The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.

  • CVE-2017-12155 (Medium), Dec 12, 2017
    risk 0.41, cvss 6.3, epss 0.00

    A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker…

  • CVE-2025-52555 (Medium), Jun 26, 2025
    risk 0.35, cvss 6.5, epss 0.00

    Ceph is a distributed object, block, and file storage platform. In versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, an unprivileged user can escalate to root privileges in a ceph-fuse mounted CephFS by running chmod 777 on a directory owned by root to gain access. The…

  • CVE-2025-40362, Dec 16, 2025
    risk 0.00, cvss not listed, epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other…

  • CVE-2024-47866, Nov 12, 2025
    risk 0.00, cvss not listed, epss 0.00

    Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument `x-amz-copy-source` to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time…

  • CVE-2024-53685, Jan 11, 2025
    risk 0.00, cvss not listed, epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ceph: give up on paths longer than PATH_MAX If the full path to be built by ceph_mdsc_build_path() happens to be longer than PATH_MAX, then this function will enter an endless (retry) loop, effectively…

  • CVE-2022-3854, Mar 6, 2023
    risk 0.00, cvss not listed, epss 0.01

    A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

  • CVE-2022-3650, Jan 17, 2023
    risk 0.00, cvss not listed, epss 0.00

    A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.

  • CVE-2022-0670, Jul 25, 2022
    risk 0.00, cvss not listed, epss 0.01

    A flaw was found in OpenStack Manila owning a Ceph File System "share", which enables the owner to read/write any Manila share or the entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise…

  • CVE-2021-20288, Apr 15, 2021
    risk 0.00, cvss not listed, epss 0.02

    An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a…

  • CVE-2020-25678, Jan 8, 2021
    risk 0.00, cvss not listed, epss 0.00

    A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible.

  • CVE-2020-27781, Dec 18, 2020
    risk 0.00, cvss not listed, epss 0.00

    User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An OpenStack Manila user can request access to a share for an arbitrary cephx user, including existing users. The access key is retrieved…

  • CVE-2020-25660, Nov 23, 2020
    risk 0.00, cvss not listed, epss 0.01

    A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to…

  • CVE-2020-10736, Jun 22, 2020
    risk 0.00, cvss not listed, epss 0.01

    An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. This flaw allows an authenticated client to modify the…

  • CVE-2020-12059, Apr 22, 2020
    risk 0.00, cvss not listed, epss 0.03

    An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception.

  • CVE-2020-1700, Feb 7, 2020
    risk 0.00, cvss not listed, epss 0.02

    A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of…

  • CVE-2019-10222, Nov 8, 2019
    risk 0.00, cvss not listed, epss 0.05

    A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW…

Page 1 of 2