High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-02	CVE-2022-27775	An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. network low complexity haxx debian netapp brocade splunk	7.5
2022-06-02	CVE-2022-27778	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`. network low complexity haxx netapp oracle splunk CWE-706	8.1
2022-06-02	CVE-2022-27780	Server-Side Request Forgery (SSRF) vulnerability in multiple products The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a different URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. network low complexity haxx netapp splunk CWE-918	7.5
2022-06-02	CVE-2022-27781	Infinite Loop vulnerability in multiple products libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation. network low complexity haxx debian netapp splunk CWE-835	7.5
2022-05-26	CVE-2022-1882	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. local low complexity linux netapp CWE-416	7.8
2022-05-26	CVE-2022-22576	Missing Authentication for Critical Function vulnerability in multiple products An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. network low complexity haxx debian netapp brocade splunk CWE-306	8.1
2022-05-25	CVE-2022-1678	An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. network low complexity linux netapp	7.5
2022-05-19	CVE-2022-1183	Reachable Assertion vulnerability in multiple products On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. network low complexity isc netapp CWE-617	7.5
2022-05-18	CVE-2022-1734	Use After Free vulnerability in multiple products A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. local high complexity linux debian netapp CWE-416	7.0
2022-05-17	CVE-2022-1116	Integer Overflow or Wraparound vulnerability in multiple products Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. local low complexity linux netapp CWE-190	7.8