| CVE-2020-25660 |
High |
Yes |
Authentication bypass |
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is... |
| CVE-2020-10753 |
Medium |
Yes |
Content spoofing |
A flaw was found in the Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader... |
| CVE-2020-1760 |
Medium |
Yes |
Cross-site scripting |
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks... |
| CVE-2020-1759 |
Medium |
Yes |
Private key recovery |
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2, where a nonce reuse vulnerability was discovered in the... |