Vulnerabilities > Netapp > Clustered Data Ontap Antivirus Connector > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-05	CVE-2022-2097	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. network low complexity openssl fedoraproject netapp siemens debian CWE-327	5.3
2022-05-03	CVE-2022-1343	Improper Certificate Validation vulnerability in multiple products The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. network low complexity openssl netapp CWE-295	5.3
2022-05-03	CVE-2022-1434	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. network high complexity openssl netapp CWE-327	5.9
2022-05-03	CVE-2022-29824	Integer Overflow or Wraparound vulnerability in multiple products In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf) and tree.c (xmlBuffer) don't check for integer overflows. network low complexity xmlsoft fedoraproject debian netapp oracle CWE-190	6.5
2021-07-09	CVE-2021-3541	XML Entity Expansion vulnerability in multiple products A flaw was found in libxml2. network low complexity xmlsoft redhat oracle netapp CWE-776	4.0
2021-05-14	CVE-2021-3537	NULL Pointer Dereference vulnerability in multiple products A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. network high complexity xmlsoft redhat debian fedoraproject netapp oracle CWE-476	5.9
2020-12-08	CVE-2020-1971	NULL Pointer Dereference vulnerability in multiple products The X.509 GeneralName type is a generic type for representing different types of names. network high complexity openssl debian fedoraproject oracle netapp tenable siemens nodejs CWE-476	5.9
2020-09-04	CVE-2020-24977	Out-of-bounds Read vulnerability in multiple products GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. network low complexity xmlsoft debian fedoraproject opensuse netapp oracle CWE-125	6.5
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.