Vulnerabilities in The Ceph Project

4 results

CVE-2019-10222HIGHA flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crashEPSS 4.6%CVE-2020-1699HIGHA path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has beeEPSS 2.1%CVE-2020-1759MEDIUMA vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discoEPSS 1.4%CVE-2018-16889MEDIUMCeph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in lEPSS 0.5%