Vulnerabilities > Redhat > Ceph Storage > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-15 | CVE-2018-16846 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices. | 4.0 |
| 2018-10-09 | CVE-2018-14649 | Command Injection vulnerability in Redhat products It was found that ceph-isci-cli package as shipped by Red Hat Ceph Storage 2 and 3 is using python-werkzeug in debug shell mode. | 9.8 |
| 2018-08-01 | CVE-2016-9579 | Improper Input Validation vulnerability in Redhat products A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. | 7.5 |
| 2018-07-13 | CVE-2018-10875 | Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. | 4.6 |