1
Candidate: CVE-2015-5245
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5245
6
CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or
7
RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP
8
headers and conduct HTTP response splitting attacks via a crafted bucket
13
http://tracker.ceph.com/issues/12537
14
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798567
20
upstream: https://github.com/ceph/ceph/pull/5430
21
upstream: https://github.com/ceph/ceph/commit/75d80aa5ce8be83894b6f175bf646f39a4fe24f3
22
upstream_ceph: needs-triage
23
precise_ceph: ignored (reached end-of-life)
24
precise/esm_ceph: needed
25
trusty_ceph: not-affected (0.80.11-0ubuntu1.14.04.2)
26
vivid_ceph: ignored (reached end-of-life)
27
vivid/stable-phone-overlay_ceph: DNE
28
vivid/ubuntu-core_ceph: DNE
29
wily_ceph: ignored (reached end-of-life)
30
xenial_ceph: not-affected (10.2.2-0ubuntu0.16.04.2)
31
yakkety_ceph: not-affected (10.2.2-0ubuntu5)
32
zesty_ceph: not-affected (10.2.2-0ubuntu5)
33
artful_ceph: not-affected (10.2.2-0ubuntu5)
34
bionic_ceph: not-affected (10.2.2-0ubuntu5)
35
devel_ceph: not-affected (10.2.2-0ubuntu5)