{"api_version":"1","generated_at":"2026-04-23T00:39:41+00:00","cve":"CVE-2020-1760","urls":{"html":"https://cve.report/CVE-2020-1760","api":"https://cve.report/api/cve/CVE-2020-1760.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-1760","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-1760"},"summary":{"title":"CVE-2020-1760","description":"A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2020-04-23 15:15:00","updated_at":"2023-11-07 03:19:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"https://www.openwall.com/lists/oss-security/2020/04/07/1","name":"https://www.openwall.com/lists/oss-security/2020/04/07/1","refsource":"MISC","tags":["Mailing List","Patch","Third Party Advisory"],"title":"oss-security - CVE-2020-1760 ceph: header-splitting in RGW GetObject has a possible XSS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html","name":"[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3629-1] ceph security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://usn.ubuntu.com/4528-1/","name":"USN-4528-1","refsource":"UBUNTU","tags":[],"title":"USN-4528-1: Ceph vulnerabilities | Ubuntu security notices | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html","name":"[debian-lts-announce] 20210810 [SECURITY] [DLA 2735-1] ceph security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2735-1] ceph security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/","name":"FEDORA-2020-81b9c6cddc","refsource":"","tags":[],"title":"[SECURITY] Fedora 31 Update: ceph-14.2.9-1.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/","name":"FEDORA-2020-81b9c6cddc","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 31 Update: ceph-14.2.9-1.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202105-39","name":"GLSA-202105-39","refsource":"GENTOO","tags":[],"title":"Ceph: Multiple vulnerabilities (GLSA 202105-39) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1760","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1760","refsource":"CONFIRM","tags":["Issue Tracking","Third Party Advisory"],"title":"1812962 – (CVE-2020-1760) CVE-2020-1760 ceph: header-splitting in RGW GetObject has a possible XSS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-1760","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1760","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"31","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"linuxfoundation","cpe5":"ceph","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"linuxfoundation","cpe5":"ceph","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"linuxfoundation","cpe5":"ceph","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"ceph_storage","cpe6":"3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"ceph_storage","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"ceph_storage","cpe6":"3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"ceph_storage","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"openshift_container_platform","cpe6":"4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"1760","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"openshift_container_platform","cpe6":"4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-1760","qid":"178752","title":"Debian Security Update for ceph (DLA 2735-1)"},{"cve":"CVE-2020-1760","qid":"500847","title":"Alpine Linux Security Update for ceph"},{"cve":"CVE-2020-1760","qid":"502824","title":"Alpine Linux Security Update for ceph16"},{"cve":"CVE-2020-1760","qid":"6000278","title":"Debian Security Update for ceph (DLA 3629-1)"},{"cve":"CVE-2020-1760","qid":"670565","title":"EulerOS Security Update for ceph-common (EulerOS-SA-2021-2322)"},{"cve":"CVE-2020-1760","qid":"671233","title":"EulerOS Security Update for ceph-common (EulerOS-SA-2022-1157)"},{"cve":"CVE-2020-1760","qid":"671605","title":"EulerOS Security Update for ceph (EulerOS-SA-2022-1558)"},{"cve":"CVE-2020-1760","qid":"710075","title":"Gentoo Linux Ceph Multiple vulnerabilities (GLSA 202105-39)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2020-1760","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"[UNKNOWN]","product":{"product_data":[{"product_name":"ceph","version":{"version_data":[{"version_value":"15.2.1"},{"version_value":"14.2.9"},{"version_value":"13.2.9"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-79"}]}]},"references":{"reference_data":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1760","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1760","refsource":"CONFIRM"},{"url":"https://www.openwall.com/lists/oss-security/2020/04/07/1","refsource":"MISC","name":"https://www.openwall.com/lists/oss-security/2020/04/07/1"},{"refsource":"FEDORA","name":"FEDORA-2020-81b9c6cddc","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/"},{"refsource":"UBUNTU","name":"USN-4528-1","url":"https://usn.ubuntu.com/4528-1/"},{"refsource":"GENTOO","name":"GLSA-202105-39","url":"https://security.gentoo.org/glsa/202105-39"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210810 [SECURITY] [DLA 2735-1] ceph security update","url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update","url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"}]},"description":{"description_data":[{"lang":"eng","value":"A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input."}]},"impact":{"cvss":[[{"vectorString":"5.8/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L","version":"3.0"}]]}},"nvd":{"publishedDate":"2020-04-23 15:15:00","lastModifiedDate":"2023-11-07 03:19:00","problem_types":["CWE-79"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":2.7},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":4.3},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.21","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"1760","Ordinal":"160998","Title":"CVE-2020-1760","CVE":"CVE-2020-1760","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"1760","Ordinal":"1","NoteData":"A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"1760","Ordinal":"2","NoteData":"2020-04-23","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"1760","Ordinal":"3","NoteData":"2021-08-11","Type":"Other","Title":"Modified"}]}}}