exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

BDU:2025-00001

около 1 года назад

Уязвимость демона radosgw системы хранения данных Ceph, позволяющая нарушителю обойти процедуру аутентификации

CVSS3: 8.1

EPSS: Низкий

ROS-20250905-04

4 месяца назад

Уязвимость ceph

CVSS3: 8.1

EPSS: Низкий

CVE-2024-48916

6 месяцев назад

Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of publication, a known patched version has yet to be published.

CVSS3: 8.1

EPSS: Низкий

CVE-2024-48916

около 1 года назад

Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of publication, a known patched version has yet to be published.

CVSS3: 9.1

EPSS: Низкий

CVE-2024-48916

6 месяцев назад

Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of publication, a known patched version has yet to be published.

CVSS3: 8.1

EPSS: Низкий

CVE-2024-48916

5 месяцев назад

Ceph is vulnerable to authentication bypass through RadosGW

CVSS3: 8.1

EPSS: Низкий

CVE-2024-48916

6 месяцев назад

Ceph is a distributed object, block, and file storage platform. In ver ...

CVSS3: 8.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2025-00001 Уязвимость демона radosgw системы хранения данных Ceph, позволяющая нарушителю обойти процедуру аутентификации	CVSS3: 8.1	0% Низкий	около 1 года назад
ROS-20250905-04 Уязвимость ceph	CVSS3: 8.1	0% Низкий	4 месяца назад
CVE-2024-48916 Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of publication, a known patched version has yet to be published.	CVSS3: 8.1	0% Низкий	6 месяцев назад
CVE-2024-48916 Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of publication, a known patched version has yet to be published.	CVSS3: 9.1	0% Низкий	около 1 года назад
CVE-2024-48916 Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of publication, a known patched version has yet to be published.	CVSS3: 8.1	0% Низкий	6 месяцев назад
CVE-2024-48916 Ceph is vulnerable to authentication bypass through RadosGW	CVSS3: 8.1	0% Низкий	5 месяцев назад
CVE-2024-48916 Ceph is a distributed object, block, and file storage platform. In ver ...	CVSS3: 8.1	0% Низкий	6 месяцев назад

Уязвимостей на страницу