diff options
Diffstat (limited to 'doc/security/CVE-2021-3531.rst')
| -rw-r--r-- | doc/security/CVE-2021-3531.rst | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/doc/security/CVE-2021-3531.rst b/doc/security/CVE-2021-3531.rst new file mode 100644 index 000000000..907cb4764 --- /dev/null +++ b/doc/security/CVE-2021-3531.rst @@ -0,0 +1,28 @@ +.. _CVE-2021-3531: + +CVE-2021-3531: Swift API denial of service +========================================== + +* `NIST information page <https://nvd.nist.gov/vuln/detail/CVE-2021-3531>`_ + +Unauthenticated users of the Swift API can trigger a server-side assertion with a +malformed URL, leading to a denial of service. + + +Affected versions +----------------- + +* Nautilus v14.2.0 and later + +Fixed versions +-------------- + +* Pacific v16.2.4 (and later) +* Octopus v15.2.12 (and later) +* Nautilus v14.2.21 (and later) + + +Recommendations +--------------- + +All users of Ceph object storage (RGW) should upgrade. |