Showing 1 - 1 of 1

CVE-2020-10753

Status Candidate

Overview

A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.

Related Files

Red Hat Security Advisory 2020-3003-01: Posted Jul 20, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3003-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a cross site scripting vulnerability.; tags | advisory, xss; systems | linux, redhat; advisories | CVE-2020-10753, CVE-2020-1760; MD5 | fc492b96cd3af3b2842f919f6ccc0fea; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 146 files
Gentoo 62 files
Ubuntu 43 files
gh1mau 15 files
hyd3sec 14 files
Bobby Cooke 14 files
s1l3nt78 10 files
Edo Maland 10 files
Apple 5 files
Google Security Research 5 files

File Archives

Systems

AIX (418)
Apple (1,734)
BSD (368)
Cisco (1,896)
Debian (5,944)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (3,914)
HPUX (872)
iOS (269)
iPhone (107)
IRIX (220)
Juniper (67)
Linux (38,156)
Mac OS X (668)
Mandriva (3,105)
NetBSD (255)
OpenBSD (471)
RedHat (8,916)
Slackware (941)
Solaris (1,593)
SUSE (1,444)
Ubuntu (6,776)
UNIX (8,707)
UnixWare (179)
Windows (5,659)
Other

CVE-2020-10753

Overview

Related Files

File Archive:

August 2020

Top Authors In Last 30 Days

File Tags

File Archives

Systems