AVG-1195 log

Package ceph
Status Vulnerable
Severity Medium
Type content spoofing
Affected 14.2.8-1
Fixed Unknown
Current 14.2.8-1 [community]
Ticket Create
Created Sun Jun 28 16:13:25 2020
Issue Severity Remote Type Description
CVE-2020-10753 Medium Yes Content spoofing
A flaw was found in the Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader...
References
https://www.openwall.com/lists/oss-security/2020/06/25/5
https://github.com/ceph/ceph/pull/35773/commits/1524d3c0c5cb11775313ea1e2bb36a93257947f2