CVE-2019-19337MEDIUMCVSS 6.5vversion 3 (upstream versions of Ceph are not affected)2019-12-23
CVE-2019-19337 [MEDIUM] CWE-20 CVE-2019-19337: A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles
A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server.
cvelistv5nvd