Redhat Ceph
17 CVEs affecting Redhat Ceph. Latest disclosed: 2025-11-12. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2020-25660 | High | 8.8 | 2020-11-23 | A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then… |
| CVE-2022-3650 | High | 7.8 | 2023-01-17 | A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump… |
| CVE-2024-47866 | High | 7.5 | 2025-11-12 | Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument `x-amz-copy-source` to put an object… |
| CVE-2018-1128 | High | 7.5 | 2018-07-10 | It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph c… |
| CVE-2018-7262 | High | 7.5 | 2018-03-19 | In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, al… |
| CVE-2020-27781 | High | 7.1 | 2020-12-18 | User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manil… |
| CVE-2021-3524 | Medium | 6.5 | 2021-05-17 | A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP he… |
| CVE-2018-16846 | Medium | 6.5 | 2019-01-15 | It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices. |
| CVE-2016-8626 | Medium | 6.5 | 2018-07-31 | A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial… |
| CVE-2017-16818 | Medium | 6.5 | 2017-12-20 | RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveragi… |
| CVE-2016-5009 | Medium | 6.5 | 2016-07-12 | The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash… |
| CVE-2018-14662 | Medium | 5.7 | 2019-01-15 | It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryp… |
| CVE-2018-16889 | Medium | 5.5 | 2019-01-28 | Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaint… |
| CVE-2020-27839 | Medium | 5.4 | 2021-05-26 | A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage w… |
| CVE-2021-3531 | Medium | 5.3 | 2021-05-18 | A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can ca… |
| CVE-2020-25678 | Medium | 4.4 | 2021-01-08 | A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for graf… |
| CVE-2015-5245 | | | 2015-12-03 | CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and… |