ContextQMD
Back to Ceph

CVE-2021-3531: Swift API denial of service

doc/security/CVE-2021-3531.rst

21.0.0595 B
Original Source

.. _CVE-2021-3531:

CVE-2021-3531: Swift API denial of service

  • NIST information page <https://nvd.nist.gov/vuln/detail/CVE-2021-3531>_

Unauthenticated users of the Swift API can trigger a server-side assertion with a malformed URL, leading to a denial of service.

Affected versions

  • Nautilus v14.2.0 and later

Fixed versions

  • Pacific v16.2.4 (and later)
  • Octopus v15.2.12 (and later)
  • Nautilus v14.2.21 (and later)

Recommendations

All users of Ceph object storage (RGW) should upgrade.