CVE-2020-1760
- Source
- https://cve.org/CVERecord?id=CVE-2020-1760
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-1760.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-1760
- Downstream
- Related
- Published
- 2020-04-23T15:15:14.607Z
- Modified
- 2026-02-05T11:30:40.200544Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.
- References
-
- https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1760
- https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html
- https://security.gentoo.org/glsa/202105-39
- https://usn.ubuntu.com/4528-1/
- https://www.openwall.com/lists/oss-security/2020/04/07/1
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1760
- https://www.openwall.com/lists/oss-security/2020/04/07/1
- https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html
- https://www.openwall.com/lists/oss-security/2020/04/07/1
Affected packages
Git / github.com/ceph/ceph
Affected ranges
- Type
- GIT
- Repo
- https://github.com/ceph/ceph
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
BRI-nautilus
mark-v0.*
mark-v0.70-wip
v0.*
v0.1
v0.10
v0.11
v0.12
v0.13
v0.14
v0.15
v0.16
v0.16.1
v0.17
v0.18
v0.19
v0.2
v0.20
v0.21
v0.21.1
v0.21.2
v0.21.3
v0.22
v0.22.1
v0.22.2
v0.23
v0.23.1
v0.23.2
v0.24
v0.24.1
v0.24.2
v0.24.3
v0.25
v0.25.1
v0.25.2
v0.26
v0.27
v0.27.1
v0.28
v0.28.1
v0.28.2
v0.29
v0.29.1
v0.3
v0.30
v0.31
v0.32
v0.33
v0.34
v0.35
v0.36
v0.37
v0.38
v0.39
v0.4
v0.40
v0.41
v0.42
v0.42.1
v0.42.2
v0.43
v0.44
v0.44.1
v0.44.2
v0.45
v0.46
v0.47
v0.47.1
v0.47.2
v0.47.3
v0.48argonaut
v0.49
v0.5
v0.50
v0.51
v0.52
v0.53
v0.54
v0.55
v0.55.1
v0.56
v0.57
v0.58
v0.59
v0.6
v0.60
v0.61
v0.62
v0.63
v0.64
v0.65
v0.66
v0.67
v0.67-rc1
v0.67-rc2
v0.67-rc3
v0.68
v0.69
v0.7
v0.7.1
v0.7.2
v0.7.3
v0.70
v0.71
v0.72
v0.72-rc1
v0.73
v0.74
v0.75
v0.76
v0.77
v0.78
v0.79
v0.8
v0.80
v0.80-rc1
v0.81
v0.82
v0.83
v0.84
v0.85
v0.86
v0.87
v0.88
v0.89
v0.9
v0.90
v0.91
v0.92
v0.93
v0.94
v10.*
v10.0.0
v10.0.1
v10.0.2
v10.0.3
v10.0.4
v10.0.5
v10.1.0
v10.1.1
v10.1.2
v10.2.0
v11.*
v11.0.0
v11.0.1
v11.0.2
v11.1.0
v12.*
v12.0.0
v12.0.1
v12.0.2
v12.0.3
v12.1.0
v12.1.1
v12.1.2
v13.*
v13.0.0
v13.0.1
v13.0.2
v13.1.0
v14.*
v14.0.0
v14.0.1
v14.1.0
v14.1.1
v14.2.0
v14.2.1
v14.2.10
v14.2.11
v14.2.12
v14.2.13
v14.2.14
v14.2.15
v14.2.16
v14.2.17
v14.2.18
v14.2.19
v14.2.2
v14.2.20
v14.2.3
v14.2.4
v14.2.5
v14.2.6
v14.2.7
v14.2.8
v14.2.9
v9.*
v9.0.0
v9.0.1
v9.0.2
v9.0.3
v9.1.0
v9.2.0