Total
43 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-1059 | 3 Canonical, Dpdk, Redhat | 9 Ubuntu Linux, Data Plane Development Kit, Ceph Storage and 6 more | 2024-02-28 | 2.9 LOW | 6.1 MEDIUM |
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable. | |||||
CVE-2018-10861 | 4 Ceph, Debian, Opensuse and 1 more | 9 Ceph, Debian Linux, Leap and 6 more | 2024-02-28 | 5.5 MEDIUM | 8.1 HIGH |
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected. | |||||
CVE-2016-7031 | 2 Ceph Project, Redhat | 2 Ceph, Ceph Storage | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL. |