CVE-2018-7262
published 2018-03-19CVE-2018-7262: In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly…
high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ceph | — | — |
| fedoraproject | fedora | — | — |
| redhat | ceph | < 12.2.3 | 12.2.3 |
| redhat | ceph | — | — |
| redhat | ceph | — | — |