Ceph
This hub aggregates every CVE we track for Ceph, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 39
- Critical: 1
- High: 15
- In CISA KEV: 0
Severity distribution
MEDIUM: 22, HIGH: 15, LOW: 1, CRITICAL: 1
Monthly trend
[Chart: monthly trend, 2024-07 to 2026-06]
Latest CVEs
The 15 most recently published vulnerabilities affecting Ceph.
- CVE-2024-47866: RGW DoS attack with empty HTTP header in S3 object copy (Score: 7.5)
- CVE-2024-48916: Ceph is vulnerable to authentication bypass through RadosGW (Score: 8.1)
- CVE-2025-52555: CephFS Permission Escalation Vulnerability in Ceph Fuse mounted FS (Score: 6.5)
- CVE-2023-43040: IBM Spectrum Fusion HCI improper access control (Score: 6.5)
- CVE-2022-3854: A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service. (Score: 6.5)
- CVE-2022-3650: A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information. (Score: 7.8)
- CVE-2021-3979: A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non-random key, which is weake... (Score: 6.5)
- CVE-2022-0670: A flaw was found in OpenStack Manila owning a Ceph File system "share", which enables the owner to read/write any Manila share or entire file system. The vulnerability is due to a bug in the "vol... (Score: 9.1)
- CVE-2020-27839: A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to at... (Score: 5.4)
- CVE-2021-3531: A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a d... (Score: 5.3)
- CVE-2021-3524: A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The... (Score: 6.5)
- CVE-2021-20288: An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker wh... (Score: 7.2)
- CVE-2020-25678: A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visi... (Score: 4.4)
- CVE-2020-27781: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An OpenStack Manila user can request access to a share t... (Score: 7.1)
- CVE-2020-25660: A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nauti... (Score: 8.8)
Product normalization is registry-driven with AI assist and human review.