Clustered Data Ontap Security Vulnerabilities and Issues — Clustered Data Ontap CVE List

Lucene search

NetappClustered Data Ontap

7 matches found

CVE•added 2021/08/24 3:15 p.m.•635 views

CVE-2021-3711

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size req...

9.8CVSS9.9AI score0.02747EPSS

CVE•added 2021/08/24 3:15 p.m.•612 views

CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byt...

7.4CVSS8AI score0.01283EPSS

CVE•added 2021/08/05 9:15 p.m.•408 views

CVE-2021-22925

curl supports the -t command line option, known as CURLOPT_TELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEW_ENV variables, libcurlcould be made to pass on uninitialized data from a stack based b...

5.3CVSS6.3AI score0.00406EPSS

CVE•added 2021/08/05 9:15 p.m.•379 views

CVE-2021-22924

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively ,which could lead t...

4.3CVSS5.7AI score0.00835EPSS

CVE•added 2021/08/05 9:15 p.m.•299 views

CVE-2021-22922

When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and thecli...

6.5CVSS6.6AI score0.0021EPSS

CVE•added 2021/08/05 9:15 p.m.•295 views

CVE-2021-22923

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrar...

5.3CVSS6.1AI score0.00086EPSS

CVE•added 2021/08/05 9:15 p.m.•256 views

CVE-2021-22926

libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the CURLOPT_SSLCERT option (--cert with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certifica...

7.5CVSS7.2AI score0.00767EPSS