ceph vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the ceph package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
L CVE-2024-48916	<18.2.4+ds-11
L Insufficient Granularity of Access Control	<16.2.11+ds-5
M CVE-2022-3854	<16.2.10+ds-5
H CVE-2022-3650	<16.2.10+ds-4
C CVE-2022-0670	<16.2.10+ds-1
M Improper Authentication	<16.2.9+ds-1
M Improper Input Validation	<14.2.21-1
M Improper Input Validation	<14.2.21-1
M Cross-site Scripting (XSS)	<14.2.21-1
H Improper Authentication	<14.2.20-1
M Insufficiently Protected Credentials	<14.2.18-1
H Insufficiently Protected Credentials	<14.2.16-1
M Cleartext Storage of Sensitive Information	<14.2.18-1
H Authentication Bypass	<14.2.15-1
M HTTP Response Splitting	<14.2.15-1
H NULL Pointer Dereference	<14.2.4-1
M Cross-site Scripting (XSS)	<14.2.9-1
M Reusing a Nonce	<14.2.9-1
M Resource Exhaustion	<14.2.7-1
H Directory Traversal	<14.2.6-4
H Improper Handling of Exceptional Conditions	<14.2.4-1
L Information Exposure	<12.2.11+dfsg1-1
M Incorrect Permission Assignment for Critical Resource	<12.2.11+dfsg1-1
M Allocation of Resources Without Limits or Throttling	<12.2.11+dfsg1-1
H Improper Authentication	<12.2.8+dfsg1-1
H Improper Authentication	<12.2.8+dfsg1-1
M Improper Authentication	<12.2.8+dfsg1-1
H Improper Input Validation	<10.2.5-2
M Improper Input Validation	<10.2.5-1
M Use of Externally-Controlled Format String	<12.2.8+dfsg1-1
H Information Exposure	<10.2.5-1
M Improper Input Validation	<10.2.5-1
M CVE-2015-5245	<0.80.10-1