OPENSUSE-SU-2021:0833-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 03 Jun 2021, 17:33
Last modified:04 Feb 2026, 04:11
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
03 Jun 2021, 17:33
Published
Vulnerability first disclosed
04 Feb 2026, 04:11
Last Modified
Vulnerability information updated
Description
Security update for ceph This update for ceph fixes the following issues: - Update to 15.2.12-83-g528da226523: - (CVE-2021-3509) fix cookie injection issue (bsc#1186021) - (CVE-2021-3531) RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name (bsc#1186020) - (CVE-2021-3524) sanitize \r in s3 CORSConfiguration’s ExposeHeader (bsc#1185619) This update was imported from the SUSE:SLE-15-SP2:Update update project.
Affected Systems
- opensuse•ceph-test&distro=openSUSE Leap 15.2
< 15.2.12.83+g528da226523-lp152.2.18.1
- opensuse•ceph&distro=openSUSE Leap 15.2
< 15.2.12.83+g528da226523-lp152.2.18.1
References (7)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SVZR2UDWM64LU6NNFZNHXJWWFA6W2ZDV/
- https://bugzilla.suse.com/1185619
- https://bugzilla.suse.com/1186020
- https://bugzilla.suse.com/1186021
- https://www.suse.com/security/cve/CVE-2021-3509
- https://www.suse.com/security/cve/CVE-2021-3524
- https://www.suse.com/security/cve/CVE-2021-3531