Vulnerabilities > Netapp > Cloud Secure Agent > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-10-18 CVE-2022-21618 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS).
network
low complexity
oracle fedoraproject netapp azul
5.3
2022-10-18 CVE-2022-21626 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security).
network
low complexity
oracle fedoraproject netapp azul
5.3
2022-10-18 CVE-2022-21628 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server).
network
low complexity
oracle fedoraproject netapp azul
5.3
2022-09-01 CVE-2022-2764 A flaw was found in Undertow.
network
low complexity
redhat netapp
4.9
2022-07-19 CVE-2022-21540 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).
network
low complexity
oracle fedoraproject debian netapp azul
5.3
2022-07-19 CVE-2022-21541 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).
network
high complexity
oracle fedoraproject debian netapp azul
5.9
2022-07-19 CVE-2022-21549 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
low complexity
oracle azul fedoraproject debian netapp
5.3
2022-05-12 CVE-2022-22970 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.
network
high complexity
vmware oracle netapp CWE-770
5.3
2022-05-12 CVE-2022-22971 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.
network
low complexity
vmware oracle netapp CWE-770
6.5
2022-04-19 CVE-2022-21426 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP).
network
low complexity
oracle debian netapp azul
5.3