Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2022-10-21 CVE-2022-3599 Out-of-bounds Read vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp debian CWE-125
6.5
6.5
2022-10-21 CVE-2022-3626 Out-of-bounds Write vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp debian CWE-787
6.5
6.5
2022-10-21 CVE-2022-3627 Out-of-bounds Write vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp debian CWE-787
6.5
6.5
2022-10-19 CVE-2022-23241 Unspecified vulnerability in Netapp Clustered Data Ontap 9.11.1
Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period.
network
low complexity
netapp
8.1
8.1
2022-10-17 CVE-2022-3564 Race Condition vulnerability in multiple products
A vulnerability classified as critical was found in Linux Kernel.
high complexity
linux debian netapp CWE-362
7.1
7.1
2022-10-17 CVE-2022-3545 A vulnerability has been found in Linux Kernel and classified as critical.
local
low complexity
linux netapp debian
7.8
7.8
2022-10-13 CVE-2022-31123 Grafana is an open source observability and data visualization platform.
local
low complexity
grafana netapp
7.8
7.8
2022-10-13 CVE-2022-42889 Code Injection vulnerability in multiple products
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded.
network
low complexity
apache netapp juniper CWE-94
critical
 9.8
9.8
2022-10-02 CVE-2022-42003 Deserialization of Untrusted Data vulnerability in multiple products
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
network
low complexity
fasterxml quarkus debian netapp CWE-502
7.5
7.5
2022-10-02 CVE-2022-42004 Deserialization of Untrusted Data vulnerability in multiple products
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays.
network
low complexity
fasterxml quarkus debian netapp CWE-502
7.5
7.5