Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Netapp Subscribe
Filtered by product Trident

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-29511 2 Golang, Netapp 2 Go, Trident 2023-07-27 6.8 MEDIUM 5.6 MEDIUM
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.
CVE-2020-29509 2 Golang, Netapp 2 Go, Trident 2023-07-27 6.8 MEDIUM 5.6 MEDIUM
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.
CVE-2021-34558 3 Fedoraproject, Golang, Netapp 5 Fedora, Go, Cloud Insights Telegraf and 2 more 2022-02-07 2.6 LOW 6.5 MEDIUM
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
CVE-2020-29510 2 Golang, Netapp 2 Go, Trident 2021-01-30 6.8 MEDIUM 5.6 MEDIUM
The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.
CVE-2019-11244 3 Kubernetes, Netapp, Redhat 3 Kubernetes, Trident, Openshift Container Platform 2020-10-02 1.9 LOW 5.0 MEDIUM
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to other users/groups, the written files may be modified by other users/groups and disrupt the kubectl invocation.