Gentoo Linux Security Advisory 202105-39 - Multiple vulnerabilities have been found in Ceph, the worst of which could result in privilege escalation. Versions less than 14.2.21 are affected.
7ab3522f846f6a648172b2520a0ceaea2ea557ede4081b724f6d25d68464c1a9
Ubuntu Security Notice 4528-1 - Adam Mohammed discovered that Ceph incorrectly handled certain CORS ExposeHeader tags. A remote attacker could possibly use this issue to perform an HTTP header injection attack. Lei Cao discovered that Ceph incorrectly handled certain POST requests with invalid tagging XML. A remote attacker could possibly use this issue to cause Ceph to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.
1f8ff8e5a19c6a860564579db5b280092ff21ca26f8f1cdd7b29616059e8da49
Red Hat Security Advisory 2020-3003-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a cross site scripting vulnerability.
ea9d411a7fd3f0ec0d3a02a0e815cfaa2682c6b3cea190e9bb6d1e32d72ce8a5