A flaw was found in the Ceph Object Gateway S3 API, where it did not properly validate the POST requests. This flaw allows an attacker to perform a denial of service attack using a malicious POST request with specially crafted XML payload, leading to a crash of the RGW process.
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.