Search
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-28165 | 4 Eclipse, Jenkins, Netapp and 1 more | 21 Jetty, Jenkins, Cloud Manager and 18 more | 2022-07-29 | 7.8 HIGH | 7.5 HIGH |
| In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. | |||||
| CVE-2021-23337 | 3 Lodash, Netapp, Oracle | 20 Lodash, Active Iq Unified Manager, Cloud Manager and 17 more | 2022-07-25 | 6.5 MEDIUM | 7.2 HIGH |
| Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. | |||||
| CVE-2020-14058 | 3 Fedoraproject, Netapp, Squid-cache | 3 Fedora, Cloud Manager, Squid | 2022-04-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string. | |||||
| CVE-2021-27002 | 1 Netapp | 1 Cloud Manager | 2021-10-18 | 5.0 MEDIUM | 7.5 HIGH |
| NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy. | |||||
| CVE-2021-28651 | 4 Debian, Fedoraproject, Netapp and 1 more | 4 Debian Linux, Fedora, Cloud Manager and 1 more | 2021-09-14 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption. | |||||
| CVE-2021-26992 | 1 Netapp | 1 Cloud Manager | 2021-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service (DoS). | |||||
| CVE-2021-26991 | 1 Netapp | 1 Cloud Manager | 2021-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager. | |||||