Santricity Cloud Connector

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-21	CVE-2020-14779	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). network high complexity oracle debian fedoraproject opensuse netapp	3.7
2019-01-30	CVE-2018-17199	Session Fixation vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. network low complexity apache debian netapp canonical oracle CWE-384	7.5
2019-01-30	CVE-2018-17189	Resource Exhaustion vulnerability in multiple products In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. network low complexity apache netapp fedoraproject debian oracle canonical redhat CWE-400	5.3
2018-06-26	CVE-2017-7658	HTTP Request Smuggling vulnerability in multiple products In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. network low complexity eclipse debian oracle hp netapp CWE-444 critical	9.8
2018-06-26	CVE-2017-7657	HTTP Request Smuggling vulnerability in multiple products In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. network low complexity eclipse debian netapp hp oracle CWE-444 critical	9.8
2018-06-22	CVE-2018-12538	Session Fixation vulnerability in multiple products In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore. network low complexity eclipse netapp CWE-384	8.8
2018-04-19	CVE-2018-2826	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle canonical netapp	8.3
2018-04-19	CVE-2018-2825	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle canonical netapp	8.3
2018-03-26	CVE-2018-1303	Out-of-bounds Read vulnerability in multiple products A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. network low complexity apache debian canonical netapp CWE-125	7.5
2018-03-26	CVE-2018-1302	NULL Pointer Dereference vulnerability in multiple products When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. network high complexity apache canonical netapp CWE-476	5.9