ceph.src vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the ceph.src package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Link Following	*
M Inefficient Regular Expression Complexity	*
M Cross-site Scripting (XSS)	*
M Reusing a Nonce	*
M HTTP Response Splitting	*
M Cross-site Scripting (XSS)	*
M CVE-2025-68121	*
M CVE-2025-68121	*
H Allocation of Resources Without Limits or Throttling	*
H Allocation of Resources Without Limits or Throttling	*
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Cross-site Scripting (XSS)	*
H Cross-site Scripting (XSS)	*
H Cross-site Scripting (XSS)	*
H Cross-site Scripting (XSS)	*
M Improper Validation of Certificate with Host Mismatch	*
M Improper Validation of Certificate with Host Mismatch	*
M Improper Validation of Certificate with Host Mismatch	*
M Directory Traversal	*
M Directory Traversal	*
M Inefficient Regular Expression Complexity	*
H Resource Exhaustion	*
H Excessive Platform Resource Consumption within a Loop	*
M Improper Certificate Validation	*
M Improper Certificate Validation	*
M Improper Certificate Validation	*
M Improper Verification of Source of a Communication Channel	*
M Improper Verification of Source of a Communication Channel	*
M Improper Verification of Source of a Communication Channel	*
M Improper Verification of Source of a Communication Channel	*
M Improper Verification of Source of a Communication Channel	*
M Reachable Assertion	*
M Reachable Assertion	*
M Reachable Assertion	*
H Improper Input Validation	*
H Improper Input Validation	*
H Improper Input Validation	*
M Creation of Immutable Text Using String Concatenation	*
M Creation of Immutable Text Using String Concatenation	*
M Creation of Immutable Text Using String Concatenation	*
M Improper Validation of Syntactic Correctness of Input	*
M Improper Validation of Syntactic Correctness of Input	*
M Improper Validation of Syntactic Correctness of Input	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Output Neutralization for Logs	*
M Improper Output Neutralization for Logs	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Use After Free	*
M HTTP Response Splitting	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Allocation of Resources Without Limits or Throttling	*
L Improper Authorization	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Out-of-Bounds	*
M Out-of-Bounds	*
M Improper Input Validation	*
M Improper Input Validation	*
H Improper Authentication	*
H Insufficiently Protected Credentials	*
M Memory Leak	*
M Missing Release of Resource after Effective Lifetime	*
H Directory Traversal	*
H Directory Traversal	*
M Incorrect Authorization	*
M Incorrect Authorization	*
M Incorrect Authorization	*
H Placement of User into Incorrect Group	*
H Placement of User into Incorrect Group	*
L Improper Preservation of Permissions	*
M Improper Authentication	*
M NULL Pointer Dereference	*
M Resource Exhaustion	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Cleartext Storage of Sensitive Information	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
L Cross-site Scripting (XSS)	*
L Cross-site Scripting (XSS)	*
M Authentication Bypass	*
L Improper Preservation of Permissions	*
H Insufficient Verification of Data Authenticity	*
H Insufficient Verification of Data Authenticity	*
M Improper Handling of URL Encoding (Hex Encoding)	*
M Improper Handling of URL Encoding (Hex Encoding)	*
M Directory Traversal	*
M Inefficient Regular Expression Complexity	*
M Insufficiently Protected Credentials	*
M Improper Input Validation	*
M Improper Input Validation	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Least Privilege Violation	*
M Least Privilege Violation	*
M Least Privilege Violation	*
M Least Privilege Violation	*
M Information Exposure	*
M Information Exposure	*
M Information Exposure	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Improper Input Validation	*
M CVE-2025-4673	*
M CVE-2025-4673	*
M CVE-2025-4673	*
M Time-of-check Time-of-use (TOCTOU)	*
M Time-of-check Time-of-use (TOCTOU)	*
M Time-of-check Time-of-use (TOCTOU)	*
H Link Following	*
H Exposure of Resource to Wrong Sphere	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*

Vulnerability

Vulnerable Version

Link Following