Red Hat Ceph vulnerabilities
2 known vulnerabilities affecting red_hat/ceph.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2016-9579HIGHCVSS 7.5v1.3 and 22018-08-01
CVE-2016-9579 [MEDIUM] CWE-20 CVE-2016-9579: A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches 1.3.x and 2.x are affected.
cvelistv5nvd
CVE-2016-8626MEDIUMCVSS 6.5v0.94.9-82018-07-31
CVE-2016-8626 [MEDIUM] CWE-476 CVE-2016-8626: A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object re
A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.
cvelistv5nvd