Lucene search
Veracode Vulnerability DatabaseVERACODE:25928HistoryJul 21, 2020 - 4:11 a.m.
Cross-Site Scripting (XSS)
2020-07-2104:11:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.006 Low
EPSS
Percentile
77.8%
ceph is vulnerable to cross-site scripting (XSS). Header-splitting in RGW GetObject allows an attacker to inject and execute arbitrary Javascript in a user’s browser.
References
access.redhat.com/errata/RHSA-2020:3003
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1760
lists.debian.org/debian-lts-announce/2021/08/msg00013.html
lists.fedoraproject.org/archives/list/[email protected]/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/
security.gentoo.org/glsa/202105-39
usn.ubuntu.com/4528-1/
www.openwall.com/lists/oss-security/2020/04/07/1
Related
osv
osv
CVE-2020-1760
2020-04-23 15:15:14
ceph - security update
2020-04-09 00:00:00
ceph vulnerabilities
2020-09-22 11:17:52
cve
cve
CVE-2020-1760
2020-04-23 15:15:14
nessus
nessus
EulerOS Virtualization 3.0.2.6 : ceph-common (EulerOS-SA-2021-2897)
2022-01-06 00:00:00
EulerOS 2.0 SP3 : ceph-common (EulerOS-SA-2022-1157)
2022-02-23 00:00:00
SUSE SLES12 Security Update : ceph (SUSE-SU-2020:0962-1)
2020-04-10 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0962-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for ceph (EulerOS-SA-2022-1558)
2022-04-25 00:00:00
Huawei EulerOS: Security Advisory for ceph-common (EulerOS-SA-2021-2897)
2021-12-31 00:00:00
prion
prion
Input validation
2020-04-23 15:15:00
redhatcve
redhatcve
CVE-2020-1760
2020-04-07 07:05:37
debian
debian
[SECURITY] [DLA 2171-1] ceph security update
2020-04-09 11:29:20
[SECURITY] [DLA 2735-1] ceph security update
2021-08-10 22:05:10
[SECURITY] [DLA 3629-1] ceph security update
2023-10-23 16:59:44
nvd
nvd
CVE-2020-1760
2020-04-23 15:15:14
ubuntucve
ubuntucve
CVE-2020-1760
2020-04-23 00:00:00
alpinelinux
alpinelinux
CVE-2020-1760
2020-04-23 15:15:14
cvelist
cvelist
CVE-2020-1760
2020-04-23 00:00:00
debiancve
debiancve
CVE-2020-1760
2020-04-23 15:15:14
freebsd
freebsd
ceph14 -- multiple security issues
2020-04-07 00:00:00
redhat
redhat
suse
suse
Security update for ceph (important)
2020-04-10 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: ceph-14.2.9-1.fc31
2020-05-07 04:21:05
ubuntu
ubuntu
Ceph vulnerabilities
2020-09-22 00:00:00
archlinux
archlinux
[ASA-202011-22] ceph: multiple issues
2020-11-26 00:00:00
gentoo
gentoo
Ceph: Multiple vulnerabilities
2021-05-26 00:00:00