Vulnerabilities (CVE)

Filtered by vendor Netapp Subscribe

Filtered by product Solidfire Baseboard Management Controller Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-33574	3 Fedoraproject, Gnu, Netapp	19 Fedora, Glibc, Cloud Backup and 16 more	2022-01-28	7.5 HIGH	9.8 CRITICAL
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.
CVE-2021-22945	4 Fedoraproject, Haxx, Netapp and 1 more	20 Fedora, Libcurl, Clustered Data Ontap and 17 more	2021-11-28	5.8 MEDIUM	9.1 CRITICAL
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again.