CVE-2019-10222 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
An improper exception condition handling in Ceph allows to any single unauthenticated client to crash RGW component of Ceph by sending a special crafted HTTP request which lead to denial of service. The vulnerability affects the RGW component of Ceph, specifically the ceph-radosgw.
Group Package Affected Fixed Severity Status Ticket
AVG-1029 ceph 14.2.1-2 Medium Vulnerable
References
https://marc.info/?l=oss-security&m=156701115910378
https://github.com/ceph/ceph/pull/29967
https://github.com/ceph/ceph/commit/29753dd3ca71bba8713fcf7a09c4bb51629a6f63
Notes
Fixed in 14.2.3.