oss-sec mailing list archives
CVE-2020-10753 ceph: radosgw: HTTP header injection via CORS ExposeHeader tag
From: Przemyslaw Roguski <proguski () redhat com>
Date: Thu, 25 Jun 2020 21:07:17 +0200
Hello Team,

A flaw was found in the Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made.

This issue affects the RadosGW S3 API; it does not affect the Swift API. This flaw affects Nautilus and Octopus based versions.

Red Hat has assigned CVE-2020-10753 and rated it as a Moderate impact flaw.

PR: https://github.com/ceph/ceph/pull/35773
Patch: https://github.com/ceph/ceph/pull/35773/commits/1524d3c0c5cb11775313ea1e2bb36a93257947f2

The fix will be included in the Octopus version in the coming days.

Credit: William Bowling

Best Regards,
Przemyslaw Roguski / Red Hat Product Security
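The following is an added illustration of the bug class described in the advisory, not code from Ceph or from the reporter. It parses an S3-style CORSConfiguration document whose ExposeHeader value carries a CR LF (smuggled as XML character references so the parser keeps it intact), shows how copying that value verbatim into Access-Control-Expose-Headers lets an attacker append a second response header, and contrasts it with a hardened builder that only accepts RFC 7230 token characters in a header name. The function names, the sample configuration and the token check are this example's own assumptions; the actual Ceph fix is in the linked PR.

```python
"""CORS ExposeHeader header-injection demo (added example, not Ceph code)."""
import re
import xml.etree.ElementTree as ET

# Constructed sample: the CORS document an S3 client would upload with
# put-bucket-cors.  "&#13;&#10;" is CR LF; literal line endings would be
# normalised by the XML parser, character references are preserved.
MALICIOUS_CORS_XML = (
    "<CORSConfiguration>"
    "<CORSRule>"
    "<AllowedOrigin>*</AllowedOrigin>"
    "<AllowedMethod>GET</AllowedMethod>"
    "<ExposeHeader>x-amz-request-id&#13;&#10;Set-Cookie: session=attacker"
    "</ExposeHeader>"
    "</CORSRule>"
    "</CORSConfiguration>"
)

# RFC 7230 "token": the only characters legal in an HTTP field name.
# CR, LF, space and ":" are all excluded, so a match here guarantees the
# value cannot terminate the header line or start a new one.
_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


def parse_expose_headers(cors_xml: str) -> list[str]:
    """Return every <ExposeHeader> text value from a CORSConfiguration."""
    root = ET.fromstring(cors_xml)
    return [(e.text or "") for e in root.iter("ExposeHeader")]


def build_expose_headers_vulnerable(expose: list[str]) -> str:
    """Pre-fix behaviour (assumed): stored values copied verbatim into the
    response header line, so embedded CR LF becomes a new header."""
    return "Access-Control-Expose-Headers: " + ", ".join(expose)


def build_expose_headers_hardened(expose: list[str]) -> str:
    """Hardened builder: reject any name that is not a bare HTTP token.
    A gateway would ideally apply the same check when the CORS
    configuration is stored, so bad values never reach a response."""
    bad = [h for h in expose if not _TOKEN.match(h)]
    if bad:
        raise ValueError(f"invalid header name(s) in ExposeHeader: {bad!r}")
    return "Access-Control-Expose-Headers: " + ", ".join(expose)


def split_response_headers(raw: str) -> dict[str, str]:
    """Read a raw header block the way a simple HTTP/1.1 client does:
    one 'Name: value' field per CR LF-terminated line."""
    headers: dict[str, str] = {}
    for line in raw.split("\r\n"):
        if not line:
            continue
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return headers


def demo() -> dict[str, str]:
    """Run the injection end to end and return what the client sees."""
    expose = parse_expose_headers(MALICIOUS_CORS_XML)
    raw = build_expose_headers_vulnerable(expose)
    return split_response_headers(raw)


if __name__ == "__main__":
    seen = demo()
    print("client-visible headers from the vulnerable path:", seen)
    try:
        build_expose_headers_hardened(parse_expose_headers(MALICIOUS_CORS_XML))
    except ValueError as exc:
        print("hardened path rejected the config:", exc)
```

To check a deployment, upload a bucket CORS configuration like the one above with any S3 client, then request an object with an Origin header and inspect the raw response: an unpatched gateway emits the smuggled Set-Cookie line, a patched one either refuses the configuration or does not reproduce the injected header.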