Vulnerabilities > Netapp > Cloud Insights Telegraf > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-24 CVE-2021-39293 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic.
network
low complexity
golang netapp CWE-770
5.0
2021-07-15 CVE-2021-34558 Improper Certificate Validation vulnerability in multiple products
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
network
low complexity
golang fedoraproject netapp oracle CWE-295
6.5