CVE-2020-1760 – ceph: header-splitting in RGW GetObject has a possible XSS
https://notcve.org/view.php?id=CVE-2020-1760
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input. Se encontró un fallo en Ceph Object Gateway, donde admite peticiones enviadas por un usuario anónimo en Amazon S3. Este fallo podría conllevar a posibles ataques de tipo XSS debido a una falta de neutralización apropiada de una entrada no segura. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1760 https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE https://security.gentoo.org/glsa/202105-39 https://usn.ubuntu.com/4528-1 https://www.openwall.com/lists/oss-security/2020/04/07/1 https://access.redhat.com/security/cve/ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-1700
https://notcve.org/view.php?id=CVE-2020-1700
A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by pile up of CLOSE_WAIT sockets, eventually leading to the exhaustion of available resources, preventing legitimate users from connecting to the system. Se encontró un fallo en la manera en que el front-end Ceph RGW Beast maneja desconexiones inesperadas. Un atacante autenticado puede abusar de este fallo al realizar múltiples intentos de desconexión resultando en una fuga permanente de una conexión de socket mediante radosgw. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00009.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1700 https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://usn.ubuntu.com/4304-1 • CWE-400: Uncontrolled Resource Consumption •