Cloud Volumes Ontap Mediator Security Vulnerabilities and Issues — Cloud Volumes Ontap Mediator CVE List

Lucene search

NetappCloud Volumes Ontap Mediator

10 matches found

CVE•added 2024/02/29 1:44 a.m.•8444 views

CVE-2024-26462

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.

5.5CVSS9.1AI score0.00024EPSS

CVE•added 2024/02/29 1:44 a.m.•6771 views

CVE-2024-26458

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.

5.3CVSS9.1AI score0.00206EPSS

CVE•added 2024/02/29 1:44 a.m.•4038 views

CVE-2024-26461

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.

7.5CVSS9.1AI score0.00081EPSS

CVE•added 2020/07/13 1:15 p.m.•2478 views

CVE-2019-20907

In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.

7.5CVSS7.6AI score0.0033EPSS

CVE•added 2022/03/15 5:15 p.m.•1200 views

CVE-2022-0778

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.5CVSS7.8AI score0.0537EPSS

CVE•added 2021/03/25 3:15 p.m.•749 views

CVE-2021-3449

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a...

5.9CVSS6.7AI score0.15517EPSS

CVE•added 2021/03/25 3:15 p.m.•517 views

CVE-2021-3450

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS7.6AI score0.00504EPSS

CVE•added 2020/07/30 9:15 p.m.•325 views

CVE-2020-16166

The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.

4.3CVSS5.6AI score0.01848EPSS

CVE•added 2022/02/26 4:15 a.m.•218 views

CVE-2020-36516

An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

5.9CVSS6.2AI score0.00027EPSS

CVE•added 2022/05/25 3:15 p.m.•104 views

CVE-2022-1678

An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.

7.5CVSS7.2AI score0.00135EPSS