Vulnerabilities > Netapp > Ontap Select Deploy Administration Utility > High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-01	CVE-2021-23017	Off-by-one Error vulnerability in multiple products A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. network high complexity f5 openresty fedoraproject netapp oracle CWE-193	7.7
2021-05-26	CVE-2021-25217	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. low complexity isc fedoraproject debian siemens netapp CWE-119	7.4
2021-05-21	CVE-2020-36332	Resource Exhaustion vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. network low complexity webmproject redhat debian netapp CWE-400	7.5
2021-05-19	CVE-2021-3517	Out-of-bounds Write vulnerability in multiple products There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. network low complexity xmlsoft redhat fedoraproject debian netapp oracle CWE-787	8.6
2021-05-18	CVE-2021-3518	Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. network low complexity xmlsoft debian redhat fedoraproject netapp oracle CWE-416	8.8
2021-04-05	CVE-2021-20305	Out-of-bounds Write vulnerability in multiple products A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. network high complexity nettle-project redhat fedoraproject netapp debian CWE-787	8.1
2021-03-25	CVE-2021-3450	Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. network high complexity openssl freebsd netapp windriver fedoraproject tenable oracle mcafee sonicwall nodejs CWE-295	7.4
2021-03-09	CVE-2020-35524	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. local low complexity libtiff debian fedoraproject netapp redhat CWE-787	7.8
2021-03-09	CVE-2020-35523	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. local low complexity libtiff debian netapp redhat CWE-190	7.8
2021-03-03	CVE-2021-20233	Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. local low complexity gnu redhat fedoraproject netapp CWE-787	8.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.