H700S Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-03	CVE-2022-1434	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. network high complexity openssl netapp CWE-327	5.9
2022-05-03	CVE-2022-1473	Incomplete Cleanup vulnerability in multiple products The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. network low complexity openssl netapp CWE-459	7.5
2022-05-03	CVE-2022-29824	Integer Overflow or Wraparound vulnerability in multiple products In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf) and tree.c (xmlBuffer) don't check for integer overflows. network low complexity xmlsoft fedoraproject debian netapp oracle CWE-190	6.5
2022-05-02	CVE-2022-29968	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the Linux kernel through 5.17.5. local low complexity linux fedoraproject netapp CWE-909	7.8
2022-04-29	CVE-2022-1048	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. local high complexity linux redhat debian netapp CWE-416	7.0
2022-04-29	CVE-2022-1353	A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. local low complexity linux debian redhat netapp	7.1
2022-04-13	CVE-2022-29156	Double Free vulnerability in multiple products drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release. local low complexity linux netapp CWE-415	7.8
2022-04-11	CVE-2022-28893	Use After Free vulnerability in multiple products The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. local low complexity linux netapp debian CWE-416	7.8
2022-04-08	CVE-2022-28796	Race Condition vulnerability in multiple products jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. local high complexity linux redhat fedoraproject netapp CWE-362	7.0
2022-04-03	CVE-2022-28388	Double Free vulnerability in multiple products usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. local low complexity linux debian fedoraproject netapp CWE-415	5.5