Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-15 CVE-2020-7071 Improper Input Validation vulnerability in multiple products
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL.
network
low complexity
php debian netapp CWE-20
5.0
2021-02-08 CVE-2021-21290 Creation of Temporary File in Directory with Incorrect Permissions vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
local
low complexity
netty debian quarkus oracle netapp CWE-379
5.5
2021-02-02 CVE-2021-21285 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon.
network
low complexity
docker debian netapp CWE-754
6.5
2021-02-02 CVE-2021-3281 Path Traversal vulnerability in multiple products
In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments.
network
low complexity
djangoproject fedoraproject netapp CWE-22
5.3
2021-01-26 CVE-2021-3114 Incorrect Calculation vulnerability in multiple products
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
network
low complexity
golang fedoraproject debian netapp CWE-682
6.5
2021-01-20 CVE-2021-2122 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL).
network
low complexity
oracle netapp
6.8
2021-01-20 CVE-2021-2088 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).
local
low complexity
oracle netapp
4.9
2021-01-20 CVE-2021-2087 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).
local
low complexity
oracle netapp
4.9
2021-01-20 CVE-2021-2081 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure).
network
low complexity
oracle netapp
6.8
2021-01-20 CVE-2021-2076 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
6.8