2018-03-19 21:00:00
mitre
PUBLISHED
In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesnt handle malformed HTTP headers properly, allowing for denial of service.