[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2023:1584-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":20,"duplicates":21,"related":22,"reserved_at":9,"published_at":26,"modified_at":27,"state":9,"summary":28,"references_raw":30,"kevs":135,"epss":9,"epss_history":136,"metrics":137,"affected":138},"SUSE-SU-2023:1584-1","Security update for ceph\n\nThis update for ceph fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2022-0670: Fixed user/tenant read/write access to an entire file system (bsc#1201837).\n- CVE-2022-3650: Fixed Python script that allowed privilege escalation from ceph to root (bsc#1204430).\n- CVE-2022-3854: Fixed possible DoS issue in ceph URL processing on RGW backends (bsc#1205025).\n\nBug fixes:\n\n- osd, tools, kv: non-aggressive, on-line trimming of accumulated dups (bsc#1199183).\n- ceph-volume: fix fast device alloc size on mulitple device  (bsc#1200262).\n- cephadm: update monitoring container images (bsc#1200501).\n- mgr/dashboard: prevent alert redirect (bsc#1200978).\n- mgr/volumes: Add subvolumegroup resize cmd (bsc#1201797).\n- monitoring/ceph-mixin: add RGW host to label info (bsc#1201976).\n- mgr/dashboard: enable addition of custom Prometheus alerts (bsc#1202077).\n- python-common: Add 'KB' to supported suffixes in SizeMatcher (bsc#1203375).\n- mgr/dashboard: fix rgw connect when using ssl (bsc#1205436).\n- ceph.spec.in: Add -DFMT_DEPRECATED_OSTREAM to CXXFLAGS (bsc#1202292).\n- cephfs-shell: move source to separate subdirectory (bsc#1201604).\n\nFix in previous release:\n\n- mgr/cephadm: try to get FQDN for configuration files (bsc#1196046).\n- When an RBD is mapped, it is attempted to be deployed as an OSD. (bsc#1187748).\n- OSD marked down causes wrong backfill_toofull (bsc#1188911).\n- cephadm: Fix iscsi client caps (allow mgr \u003Cservice status> calls) (bsc#1192838).\n- mgr/cephadm: fix and improve osd draining (bsc#1200317).\n- add iscsi and nfs to upgrade process (bsc#1206158).\n- mgr/mgr_module.py: CLICommand: Fix parsing of kwargs arguments (bsc#1192840).\n",null,[],[],[],[14,16,18],{"_key":15},"CVE-2022-0670",{"_key":17},"CVE-2022-3650",{"_key":19},"CVE-2022-3854",[],[],[23,24,25],{"_key":15},{"_key":17},{"_key":19},"2023-03-27T08:32:33Z","2026-02-04T02:22:53.780175Z",{"cisa_kev":29,"cisa_ransomware":29,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[31,37,42,46,50,54,58,62,66,70,74,78,82,86,90,94,98,102,106,110,114,118,122,127,131],{"url":32,"sources":33,"tags":35},"https://www.suse.com/support/update/announcement/2023/suse-su-20231584-1/",[34],"osv_suse",[36],"Advisory",{"url":38,"sources":39,"tags":40},"https://bugzilla.suse.com/1187748",[34],[41],"REPORT",{"url":43,"sources":44,"tags":45},"https://bugzilla.suse.com/1188911",[34],[41],{"url":47,"sources":48,"tags":49},"https://bugzilla.suse.com/1192838",[34],[41],{"url":51,"sources":52,"tags":53},"https://bugzilla.suse.com/1192840",[34],[41],{"url":55,"sources":56,"tags":57},"https://bugzilla.suse.com/1196046",[34],[41],{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/1199183",[34],[41],{"url":63,"sources":64,"tags":65},"https://bugzilla.suse.com/1200262",[34],[41],{"url":67,"sources":68,"tags":69},"https://bugzilla.suse.com/1200317",[34],[41],{"url":71,"sources":72,"tags":73},"https://bugzilla.suse.com/1200501",[34],[41],{"url":75,"sources":76,"tags":77},"https://bugzilla.suse.com/1200978",[34],[41],{"url":79,"sources":80,"tags":81},"https://bugzilla.suse.com/1201604",[34],[41],{"url":83,"sources":84,"tags":85},"https://bugzilla.suse.com/1201797",[34],[41],{"url":87,"sources":88,"tags":89},"https://bugzilla.suse.com/1201837",[34],[41],{"url":91,"sources":92,"tags":93},"https://bugzilla.suse.com/1201976",[34],[41],{"url":95,"sources":96,"tags":97},"https://bugzilla.suse.com/1202077",[34],[41],{"url":99,"sources":100,"tags":101},"https://bugzilla.suse.com/1202292",[34],[41],{"url":103,"sources":104,"tags":105},"https://bugzilla.suse.com/1203375",[34],[41],{"url":107,"sources":108,"tags":109},"https://bugzilla.suse.com/1204430",[34],[41],{"url":111,"sources":112,"tags":113},"https://bugzilla.suse.com/1205025",[34],[41],{"url":115,"sources":116,"tags":117},"https://bugzilla.suse.com/1205436",[34],[41],{"url":119,"sources":120,"tags":121},"https://bugzilla.suse.com/1206158",[34],[41],{"url":123,"sources":124,"tags":125},"https://www.suse.com/security/cve/CVE-2022-0670",[34],[126],"WEB",{"url":128,"sources":129,"tags":130},"https://www.suse.com/security/cve/CVE-2022-3650",[34],[126],{"url":132,"sources":133,"tags":134},"https://www.suse.com/security/cve/CVE-2022-3854",[34],[126],[],[],[],[139],{"ecosystem":140,"name":141,"vendor":142,"product":143,"cpe_part":9,"purl_type":144,"purl_namespace":142,"purl_name":143,"source":9,"versions":145},"SUSE Linux Enterprise","ceph","suse","ceph&distro=SUSE Enterprise Storage 7.1","rpm",[146],{"version":147,"is_range":148,"range_type":149,"version_start":9,"version_start_type":9,"version_end":150,"version_end_type":151,"fixed_in":9},"lt16_2_11_58+g38d6afd3b78_150300_3_6_1",true,"ecosystem","16.2.11.58+g38d6afd3b78-150300.3.6.1","excluding"]