Vulnerabilities > Netapp > Oncommand Insight > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-01 | CVE-2022-30614 | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to a denial of service via email flooding caused by sending a specially-crafted request. | 7.5 |
| 2022-09-01 | CVE-2022-36773 | XXE vulnerability in multiple products IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.1 |
| 2022-08-31 | CVE-2022-1259 | Resource Exhaustion vulnerability in multiple products A flaw was found in Undertow. | 7.5 |
| 2022-08-31 | CVE-2022-1319 | Unchecked Return Value vulnerability in multiple products A flaw was found in Undertow. | 7.5 |
| 2022-08-26 | CVE-2021-3859 | Information Exposure Through Process Environment vulnerability in multiple products A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. | 7.5 |
| 2022-07-19 | CVE-2022-34169 | Incorrect Conversion between Numeric Types vulnerability in multiple products The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. | 7.5 |
| 2022-06-02 | CVE-2022-27778 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`. | 8.1 |
| 2022-04-22 | CVE-2021-38886 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-04-19 | CVE-2022-21449 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). | 7.5 |
| 2022-04-19 | CVE-2022-21476 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). | 7.5 |