Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-03 CVE-2022-28388 Double Free vulnerability in multiple products
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
local
low complexity
linux debian fedoraproject netapp CWE-415
5.5
5.5
2022-04-03 CVE-2022-28389 Double Free vulnerability in multiple products
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
local
low complexity
linux fedoraproject debian netapp CWE-415
5.5
5.5
2022-04-03 CVE-2022-1210 Improper Resource Shutdown or Release vulnerability in multiple products
A vulnerability classified as problematic was found in LibTIFF 4.3.0.
network
low complexity
libtiff netapp CWE-404
6.5
6.5
2022-03-28 CVE-2022-1056 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff netapp CWE-125
5.5
5.5
2022-03-25 CVE-2021-4147 Improper Locking vulnerability in multiple products
A flaw was found in the libvirt libxl driver.
local
low complexity
redhat fedoraproject netapp CWE-667
6.5
6.5
2022-03-25 CVE-2021-4203 Race Condition vulnerability in multiple products
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel.
network
high complexity
linux netapp oracle CWE-362
6.8
6.8
2022-03-25 CVE-2022-0897 Improper Locking vulnerability in multiple products
A flaw was found in the libvirt nwfilter driver.
network
low complexity
redhat netapp CWE-667
4.3
4.3
2022-03-23 CVE-2021-25220 HTTP Request Smuggling vulnerability in multiple products
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.
network
low complexity
isc fedoraproject netapp siemens juniper CWE-444
6.8
6.8
2022-03-23 CVE-2022-0396 Improper Resource Shutdown or Release vulnerability in multiple products
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition.
network
low complexity
isc fedoraproject netapp siemens CWE-404
5.3
5.3
2022-03-18 CVE-2021-45868 Use After Free vulnerability in multiple products
In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk).
local
low complexity
linux netapp CWE-416
5.5
5.5