An update is now available for Red Hat Ceph Storage 7.1.

Red Hat Ceph Storage is a scalable, open, software-defined storage platform
 that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. 
 
These new packages include numerous enhancements, bug fixes, and known issues.
 Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:

https://docs.redhat.com/en/documentation/red_hat_ceph_storage/7/html/7.1_release_notes

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2023-23934: Improper Input Validation (CWE-20)
CVE-2023-25577: Allocation of Resources Without Limits or Throttling (CWE-770)
CVE-2023-46446: Exposure of Private Personal Information to an Unauthorized
 Actor (CWE-359)
CVE-2023-48795: Truncation of Security-relevant Information (CWE-222)
CVE-2024-24790: Misinterpretation of Input (CWE-115)
CVE-2024-34069: Cross-Site Request Forgery (CSRF) (CWE-352)
CVE-2024-42353: URL Redirection to Untrusted Site ('Open Redirect')
 (CWE-601)
CVE-2024-47191: Improper Limitation of a Pathname to a Restricted Directory
 ('Path Traversal') (CWE-22)
CVE-2024-48916: Insufficient Verification of Data Authenticity (CWE-345)