CVE-2022-3854

Опубликовано: 06 мар. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=2139925
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2139925
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00088

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-177

NVD-CWE-Other

Связанные уязвимости

CVE-2022-3854

CVSS3: 6.5

ubuntu

почти 3 года назад

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

CVE-2022-3854

CVSS3: 5

redhat

больше 3 лет назад

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

CVE-2022-3854

CVSS3: 6.5

msrc

почти 2 года назад

Описание отсутствует

CVE-2022-3854

CVSS3: 6.5

debian

почти 3 года назад

A flaw was found in Ceph, relating to the URL processing on RGW backen ...

GHSA-rm99-52xq-2r9w

CVSS3: 6.5

github

почти 3 года назад

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

EPSS

Процентиль: 25%

0.00088

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-177

NVD-CWE-Other