Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2020:3003
HistoryJul 20, 2020 - 1:52 p.m.

(RHSA-2020:3003) Moderate: Red Hat Ceph Storage 4.1 security and bug fix update

2020-07-2013:52:21
access.redhat.com
71

0.006 Low

EPSS

Percentile

77.8%

JSON

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

Security Fix(es):

  • ceph: header-splitting in RGW GetObject has a possible XSS (CVE-2020-1760)

  • ceph: radosgw: HTTP header injection via CORS ExposeHeader tag (CVE-2020-10753)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

For detailed information on changes in this release, see the Red Hat Ceph
Storage 4.1 Release Notes available at:

https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/4.1/html/release_notes/

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64python3-ceph-argparse< 14.2.8-81.el8cppython3-ceph-argparse-14.2.8-81.el8cp.x86_64.rpm
RedHat7noarchceph-grafana-dashboards< 14.2.8-81.el7cpceph-grafana-dashboards-14.2.8-81.el7cp.noarch.rpm
RedHat8s390xrbd-mirror< 14.2.8-81.el8cprbd-mirror-14.2.8-81.el8cp.s390x.rpm
RedHat7ppc64leceph-fuse< 14.2.8-81.el7cpceph-fuse-14.2.8-81.el7cp.ppc64le.rpm
RedHat8ppc64leceph-mds< 14.2.8-81.el8cpceph-mds-14.2.8-81.el8cp.ppc64le.rpm
RedHat8ppc64lenfs-ganesha-rgw< 2.8.3-8.el8cpnfs-ganesha-rgw-2.8.3-8.el8cp.ppc64le.rpm
RedHat8ppc64leceph-selinux< 14.2.8-81.el8cpceph-selinux-14.2.8-81.el8cp.ppc64le.rpm
RedHat8ppc64lepython3-cephfs-debuginfo< 14.2.8-81.el8cppython3-cephfs-debuginfo-14.2.8-81.el8cp.ppc64le.rpm
RedHat8x86_64ceph-mon-debuginfo< 14.2.8-81.el8cpceph-mon-debuginfo-14.2.8-81.el8cp.x86_64.rpm
RedHat8x86_64rbd-fuse-debuginfo< 14.2.8-81.el8cprbd-fuse-debuginfo-14.2.8-81.el8cp.x86_64.rpm
Rows per page:
1-10 of 2851

Related

nessus 30
openvas 22
osv 8
ubuntu 2
veracode 3
cve 3
debian 3
freebsd 2
nvd 3
debiancve 3
alpinelinux 3
suse 2
cvelist 3
redhatcve 2
prion 3
redhat 2
fedora 2
ubuntucve 3
archlinux 2
gentoo 1
nessus
nessus
RHEL 7 / 8 : Red Hat Ceph Storage 4.1 (RHSA-2020:3003)
2020-07-20 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : Ceph vulnerabilities (USN-4528-1)
2020-09-22 00:00:00
RHEL 7 : Red Hat Ceph Storage 3.3 (RHSA-2020:3504)
2020-08-18 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4528-1)
2020-09-23 00:00:00
openSUSE: Security Advisory for ceph (openSUSE-SU-2020:0898-1)
2020-06-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1748-1)
2021-04-19 00:00:00
osv
osv
ceph vulnerabilities
2020-09-22 11:17:52
CVE-2020-10753
2020-06-26 15:15:11
ceph - security update
2021-08-09 00:00:00
ubuntu
ubuntu
Ceph vulnerabilities
2020-09-22 00:00:00
Ceph vulnerabilities
2021-01-28 00:00:00
veracode
veracode
HTTP Header Injection
2020-07-21 04:06:57
Cross-Site Scripting (XSS)
2020-07-21 04:11:58
Cross-Site Scripting (XSS)
2021-05-23 06:05:56
cve
cve
CVE-2020-10753
2020-06-26 15:15:11
CVE-2020-1760
2020-04-23 15:15:14
CVE-2021-3524
2021-05-17 17:15:08
debian
debian
[SECURITY] [DLA 2735-1] ceph security update
2021-08-10 22:05:10
[SECURITY] [DLA 2171-1] ceph security update
2020-04-09 11:29:20
[SECURITY] [DLA 3629-1] ceph security update
2023-10-23 16:59:44
freebsd
freebsd
ceph14 -- HTTP header injection via CORS ExposeHeader tag
2020-05-27 00:00:00
ceph14 -- multiple security issues
2020-04-07 00:00:00
nvd
nvd
CVE-2020-10753
2020-06-26 15:15:11
CVE-2020-1760
2020-04-23 15:15:14
CVE-2021-3524
2021-05-17 17:15:08
debiancve
debiancve
CVE-2020-10753
2020-06-26 15:15:11
CVE-2020-1760
2020-04-23 15:15:14
CVE-2021-3524
2021-05-17 17:15:08
alpinelinux
alpinelinux
CVE-2020-10753
2020-06-26 15:15:11
CVE-2020-1760
2020-04-23 15:15:14
CVE-2021-3524
2021-05-17 17:15:08
suse
suse
Security update for ceph (important)
2020-06-29 00:00:00
Security update for ceph (important)
2020-04-10 00:00:00
cvelist
cvelist
CVE-2020-10753
2020-06-26 00:00:00
CVE-2020-1760
2020-04-23 00:00:00
CVE-2021-3524
2021-05-17 00:00:00
redhatcve
redhatcve
CVE-2020-10753
2020-06-25 19:22:59
CVE-2020-1760
2020-04-07 07:05:37
prion
prion
Design/Logic Flaw
2020-06-26 15:15:00
Input validation
2020-04-23 15:15:00
Design/Logic Flaw
2021-05-17 17:15:00
redhat
redhat
(RHSA-2020:3505) Moderate: Red Hat Ceph Storage 3.3 Security update
2020-08-18 17:48:48
(RHSA-2020:3504) Moderate: Red Hat Ceph Storage 3.3 security and bug fix update
2020-08-18 17:48:36
fedora
fedora
[SECURITY] Fedora 32 Update: ceph-14.2.10-1.fc32
2020-07-06 01:02:55
[SECURITY] Fedora 31 Update: ceph-14.2.9-1.fc31
2020-05-07 04:21:05
ubuntucve
ubuntucve
CVE-2020-10753
2020-06-26 00:00:00
CVE-2020-1760
2020-04-23 00:00:00
CVE-2021-3524
2021-05-17 00:00:00
archlinux
archlinux
[ASA-202011-22] ceph: multiple issues
2020-11-26 00:00:00
[ASA-202105-3] ceph: multiple issues
2021-05-19 00:00:00
gentoo
gentoo
Ceph: Multiple vulnerabilities
2021-05-26 00:00:00

0.006 Low

EPSS

Percentile

77.8%

JSON
Related for RHSA-2020:3003
nessus30openvas22osv8ubuntu2veracode3cve3debian3freebsd2nvd3debiancve3alpinelinux3suse2cvelist3redhatcve2prion3redhat2fedora2ubuntucve3archlinux2gentoo1