CVE-2018-7262

Published: Mar 19, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

RHSA-2018:0546

vendor-advisory

x_refsource_REDHAT

https://github.com/ceph/ceph/pull/20488

x_refsource_CONFIRM

http://tracker.ceph.com/issues/23039

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1546611

x_refsource_CONFIRM

RHSA-2018:0548

vendor-advisory

x_refsource_REDHAT

FEDORA-2018-ed907ef9a0

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-7262

Description

Affected Products

References