CVE-2019-10222

Source
Severity Medium
Remote Yes
Type Denial of service
Description
An improper exception condition handling in Ceph allows to any single unauthenticated client to crash RGW component of Ceph by sending a special crafted HTTP request which lead to denial of service. The vulnerability affects the RGW component of Ceph, specifically the ceph-radosgw.
Group Package Affected Fixed Severity Status Ticket
AVG-1029 ceph 13.2.1-3 Medium Vulnerable
References
https://marc.info/?l=oss-security&m=156701115910378
https://github.com/ceph/ceph/pull/29967