| Max CVSS | 5.0 | Min CVSS | 2.7 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-16889 | 5.0 |
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.
|
13-02-2023 - 04:52 | 28-01-2019 - 14:29 | |
| CVE-2018-14662 | 2.7 |
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.
|
19-04-2022 - 15:42 | 15-01-2019 - 21:29 | |
| CVE-2018-16846 | 4.0 |
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.
|
19-04-2022 - 15:42 | 15-01-2019 - 18:29 | |
| CVE-2019-3821 | 5.0 |
A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulti
|
13-11-2020 - 16:15 | 27-03-2019 - 13:29 |