Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-04 | CVE-2021-23383 | The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. | 7.5 |
| 2021-04-29 | CVE-2021-31879 | Open Redirect vulnerability in multiple products GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | 5.8 |
| 2021-04-29 | CVE-2021-25215 | Reachable Assertion vulnerability in multiple products In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. | 7.5 |
| 2021-04-29 | CVE-2021-25216 | Out-of-bounds Read vulnerability in multiple products In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. | 6.8 |
| 2021-04-29 | CVE-2021-25214 | Reachable Assertion vulnerability in multiple products In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed. | 6.5 |
| 2021-04-22 | CVE-2021-2308 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). | 4.0 |
| 2021-04-22 | CVE-2021-2307 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). | 3.3 |
| 2021-04-22 | CVE-2021-2305 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). | 4.0 |
| 2021-04-22 | CVE-2021-2304 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). | 5.5 |
| 2021-04-22 | CVE-2021-2301 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). | 4.0 |