Vulnerabilities > Netapp > HCI Management Node > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-23	CVE-2022-35252	When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. network high complexity haxx netapp apple debian splunk	3.7
2022-04-19	CVE-2022-21443	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). network high complexity oracle netapp debian azul	3.7
2022-01-19	CVE-2022-21248	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). network high complexity oracle netapp debian fedoraproject	3.7
2021-10-20	CVE-2021-35603	Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). network high complexity oracle netapp debian fedoraproject	3.7
2021-10-20	CVE-2021-35588	Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). network high complexity oracle netapp fedoraproject debian	3.1
2021-04-01	CVE-2021-22890	Authentication Bypass by Spoofing vulnerability in multiple products curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. network high complexity haxx fedoraproject netapp broadcom debian siemens oracle splunk CWE-290	3.7
2021-01-12	CVE-2021-23239	Link Following vulnerability in multiple products The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path. local high complexity sudo-project netapp fedoraproject debian CWE-59	2.5
2020-12-14	CVE-2020-8284	A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. network high complexity haxx fedoraproject debian netapp apple oracle fujitsu siemens splunk	3.7
2020-10-21	CVE-2020-14779	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). network high complexity oracle debian fedoraproject opensuse netapp	3.7
2020-10-21	CVE-2020-14781	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). network high complexity oracle netapp debian opensuse	3.7