Browse all 4 CVE security advisories affecting The Ceph Project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ceph is an open-source distributed storage platform designed to provide scalable, software-defined storage for block, object, and file systems. Historically, vulnerabilities have commonly included remote code execution, privilege escalation, and denial-of-service flaws, often stemming from improper input validation and authentication bypasses. The project maintains a security-focused development process, with regular audits and a CVE disclosure policy. While no major security incidents have been widely documented, the 4 recorded CVEs highlight potential risks in network services and API endpoints, emphasizing the need for timely patching in production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-1699 | Red Hat Ceph Storage Ceph仪表板路径遍历漏洞 — cephCWE-200 | 7.5 | High | 2020-04-21 |
| CVE-2020-1759 | 多款Red Hat产品安全特征问题漏洞 — cephCWE-323 | 6.4 | Medium | 2020-04-13 |
| CVE-2019-10222 | Red Hat Ceph 资源管理错误漏洞 — cephCWE-755 | 7.5 | - | 2019-11-08 |
| CVE-2018-16889 | debug 日志信息泄露漏洞 — cephCWE-532 | 7.5 | - | 2019-01-28 |
This page lists every published CVE security advisory associated with The Ceph Project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.