Ontap Tools Security Vulnerabilities and Issues — Ontap Tools CVE List

Lucene search

NetappOntap Tools

12 matches found

CVE•added 2024/03/10 5:15 a.m.•8282 views

CVE-2024-28757

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

7.5CVSS7.4AI score0.00487EPSS

CVE•added 2024/04/04 8:15 p.m.•4714 views

CVE-2023-38709

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

7.3CVSS7.1AI score0.03837EPSS

CVE•added 2021/01/26 9:15 p.m.•4237 views

CVE-2021-3156

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

7.8CVSS8.3AI score0.92019EPSS

CVE•added 2020/06/04 1:15 p.m.•519 views

CVE-2020-13817

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path atta...

7.4CVSS7.2AI score0.00375EPSS

CVE•added 2021/04/01 3:15 p.m.•499 views

CVE-2021-28165

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.

7.8CVSS7.3AI score0.04692EPSS

CVE•added 2024/07/05 7:15 p.m.•369 views

CVE-2024-39689

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from GLOBALTRUST. Certifi 2024.7.04 removes root certificates from ...

7.5CVSS6AI score0.01928EPSS

CVE•added 2024/07/03 8:15 p.m.•354 views

CVE-2024-34750

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of a...

7.5CVSS7.8AI score0.17015EPSS

CVE•added 2024/09/03 4:15 p.m.•324 views

CVE-2024-6119

Issue summary: Applications performing certificate name checks (e.g., TLSclients checking server certificates) may attempt to read an invalid memoryaddress resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial ofser...

7.5CVSS6.5AI score0.00672EPSS

CVE•added 2024/03/21 9:15 a.m.•290 views

CVE-2024-29131

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.

7.3CVSS5.8AI score0.00149EPSS

CVE•added 2024/01/15 8:15 p.m.•285 views

CVE-2024-0565

An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

7.4CVSS7.2AI score0.00066EPSS

CVE•added 2023/05/30 10:15 p.m.•259 views

CVE-2023-2953

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

7.5CVSS7.3AI score0.0111EPSS

CVE•added 2025/04/24 12:15 p.m.•226 views

CVE-2025-27820

A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release

7.5CVSS6.9AI score0.00038EPSS