Vulnerabilities > Netapp > Oncommand Workflow Automation > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-16 CVE-2024-21145 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D).
network
high complexity
oracle netapp
4.8
2022-09-01 CVE-2022-2764 A flaw was found in Undertow.
network
low complexity
redhat netapp
4.9
2022-08-29 CVE-2022-36033 Cross-site Scripting vulnerability in multiple products
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety.
network
low complexity
jsoup netapp CWE-79
6.1
2022-08-23 CVE-2022-35278 Cross-site Scripting vulnerability in multiple products
In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.
network
low complexity
apache netapp CWE-79
6.1
2022-05-24 CVE-2021-3597 Race Condition vulnerability in multiple products
A flaw was found in undertow.
network
high complexity
redhat netapp CWE-362
5.9
2022-05-24 CVE-2021-3629 Resource Exhaustion vulnerability in multiple products
A flaw was found in Undertow.
network
high complexity
redhat netapp CWE-400
5.9
2022-05-06 CVE-2022-24823 Netty is an open-source, asynchronous event-driven network application framework.
local
low complexity
netty oracle netapp
5.5
2022-04-27 CVE-2022-24891 ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library.
network
low complexity
owasp oracle netapp
6.1
2022-01-26 CVE-2021-22570 NULL Pointer Dereference vulnerability in multiple products
Nullptr dereference when a null char is present in a proto symbol.
5.5
2021-12-09 CVE-2021-43797 Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
low complexity
netty quarkus netapp oracle debian
6.5