Vulnerabilities > Netapp > H300E Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-29 CVE-2020-11023 Cross-site Scripting vulnerability in multiple products
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.
6.1
2020-04-10 CVE-2020-8832 Information Exposure vulnerability in multiple products
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
local
low complexity
canonical netapp CWE-200
5.5