Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-26 | CVE-2022-1882 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. | 7.8 |
| 2022-05-26 | CVE-2022-22576 | Missing Authentication for Critical Function vulnerability in multiple products An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. | 8.1 |
| 2022-05-26 | CVE-2022-1664 | Path Traversal vulnerability in multiple products Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. | 9.8 |
| 2022-05-25 | CVE-2022-1678 | An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. | 7.5 |
| 2022-05-24 | CVE-2021-3597 | Race Condition vulnerability in multiple products A flaw was found in undertow. | 5.9 |
| 2022-05-24 | CVE-2021-3629 | Resource Exhaustion vulnerability in multiple products A flaw was found in Undertow. | 5.9 |
| 2022-05-19 | CVE-2022-28948 | Deserialization of Untrusted Data vulnerability in multiple products An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. | 7.5 |
| 2022-05-19 | CVE-2022-22976 | Integer Overflow or Wraparound vulnerability in multiple products Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. | 5.3 |
| 2022-05-19 | CVE-2022-22978 | Incorrect Authorization vulnerability in multiple products In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. | 9.8 |
| 2022-05-19 | CVE-2022-1183 | Reachable Assertion vulnerability in multiple products On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. | 7.5 |