RHSA-2025:21203HighCVSS 7.5
Red Hat Security Advisory: Red Hat Ceph Storage
🔗 CVE IDs covered (2)
📋 Description
CVE-2024-11831 — npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript CVE-2024-47866 — rgw: RGW DoS attack with empty HTTP header in S3 object copy
🔗 References (6)
- selfhttps://access.redhat.com/errata/RHSA-2025:21203
- externalhttps://access.redhat.com/security/cve/CVE-2024-11831
- externalhttps://access.redhat.com/security/cve/CVE-2024-47866
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://docs.redhat.com/en/documentation/red_hat_ceph_storage/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21203.json