mirror of
https://github.com/ceph/ceph
synced 2024-12-27 14:03:25 +00:00
29 lines
596 B
ReStructuredText
29 lines
596 B
ReStructuredText
|
.. _CVE-2021-3531:
|
||
|
|
||
|
CVE-2021-3531: Swift API denial of service
|
||
|
==========================================
|
||
|
|
||
|
* `NIST information page <https://nvd.nist.gov/vuln/detail/CVE-2021-3531>`_
|
||
|
|
||
|
Unauthenticated users of the Swift API can trigger a server-side assertion with a
|
||
|
malformed URL, leading to a denial of service.
|
||
|
|
||
|
|
||
|
Affected versions
|
||
|
-----------------
|
||
|
|
||
|
* Nautilus v14.2.0 and later
|
||
|
|
||
|
Fixed versions
|
||
|
--------------
|
||
|
|
||
|
* Pacific v16.2.4 (and later)
|
||
|
* Octopus v15.2.12 (and later)
|
||
|
* Nautilus v14.2.21 (and later)
|
||
|
|
||
|
|
||
|
Recommendations
|
||
|
---------------
|
||
|
|
||
|
All users of Ceph object storage (RGW) should upgrade.
|