Bug#798567: [Ceph-maintainers] Bug#798567: Bug#798567: ceph: CVE-2015-5245: Rados rest gateway returns requested bucket name raw in Bucket response header

Fri, 11 Sep 2015 10:43:43 -0700 

On Fri, Sep 11, 2015 at 4:04 AM, Gaudenz Steinlin <gaud...@debian.org> wrote:
> I fail to see how this is a security issue.

Please see https://www.owasp.org/index.php/HTTP_Response_Splitting for
an explanation about HTTP header manipulation attacks.

- Ken

Reply via email to