Vulnerabilities > Netapp > Management Services FOR Element Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-04 | CVE-2021-32687 | Integer Overflow to Buffer Overflow vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. | 7.5 |
| 2021-10-04 | CVE-2021-32762 | Integer Overflow to Buffer Overflow vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. | 8.8 |
| 2021-06-09 | CVE-2021-28169 | For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. | 5.3 |
| 2021-05-27 | CVE-2021-22118 | Exposure of Resource to Wrong Sphere vulnerability in multiple products In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data. | 7.8 |
| 2021-02-26 | CVE-2020-27223 | Resource Exhaustion vulnerability in multiple products In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. | 5.3 |