oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2020-10753 ceph: radosgw: HTTP header injection via CORS ExposeHeader tag

From: Przemyslaw Roguski <proguski () redhat com>
Date: Thu, 25 Jun 2020 21:07:17 +0200
Hello Team,

A flaw was found in the Ceph Storage RadosGW (Ceph Object Gateway). The
vulnerability is related to the injection of HTTP headers via a CORS
ExposeHeader tag.
The newline character in the ExposeHeader tag in the CORS configuration
file generates a header injection in the response when the CORS request is
made.
This issue affects the RadosGW S3 API, it does not affect the Swift API.

This flaw affects Nautilus and Octopus based versions.
Red Hat has assigned CVE-2020-10753 and rated it as Moderate impact flaw.

PR:  https://github.com/ceph/ceph/pull/35773
Patch:
https://github.com/ceph/ceph/pull/35773/commits/1524d3c0c5cb11775313ea1e2bb36a93257947f2
The fix will be included in the Octopus version in the coming days.

Credit: William Bowling


Best Regards,
Przemyslaw Roguski  / Red Hat Product Security
Previous By Date Next
Previous By Thread Next

Current thread: