Vulnerabilities > Netapp > Active IQ Unified Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-2160 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.0 |
| 2021-04-22 | CVE-2021-2154 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). | 4.9 |
| 2021-04-22 | CVE-2021-2146 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). | 4.9 |
| 2021-04-22 | CVE-2021-2144 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). | 6.5 |
| 2021-04-13 | CVE-2021-29425 | Path Traversal vulnerability in multiple products In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. | 4.8 |
| 2021-03-25 | CVE-2021-3449 | NULL Pointer Dereference vulnerability in multiple products An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. | 5.9 |
| 2021-03-23 | CVE-2019-19343 | Improper Resource Shutdown or Release vulnerability in multiple products A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. | 5.0 |
| 2021-02-23 | CVE-2021-20220 | HTTP Request Smuggling vulnerability in multiple products A flaw was found in Undertow. | 5.8 |
| 2021-02-15 | CVE-2021-23337 | Code Injection vulnerability in multiple products Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. | 6.5 |
| 2021-02-08 | CVE-2021-21290 | Creation of Temporary File in Directory with Incorrect Permissions vulnerability in multiple products Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 5.5 |