CVE-2022-3854

Опубликовано: 03 нояб. 2022

Источник: redhat

CVSS3: 5

EPSS Низкий

Описание

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Ceph Storage 3	ceph	Out of support scope
Red Hat Ceph Storage 4	ceph	Affected
Red Hat Ceph Storage 5	ceph	Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-177

https://bugzilla.redhat.com/show_bug.cgi?id=2139925ceph: possible DoS issue in ceph URL processing on RGW backends

EPSS

Процентиль: 25%

0.00088

Низкий

5 Medium

CVSS3

Связанные уязвимости

CVE-2022-3854

CVSS3: 6.5

ubuntu

почти 3 года назад

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

CVE-2022-3854

CVSS3: 6.5

nvd

почти 3 года назад

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

CVE-2022-3854

CVSS3: 6.5

msrc

почти 2 года назад

Описание отсутствует

CVE-2022-3854

CVSS3: 6.5

debian

почти 3 года назад

A flaw was found in Ceph, relating to the URL processing on RGW backen ...

GHSA-rm99-52xq-2r9w

CVSS3: 6.5

github

почти 3 года назад

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

EPSS

Процентиль: 25%

0.00088

Низкий

5 Medium

CVSS3