Vulnerabilities > Netapp > Solidfire Enterprise SDS HCI Storage Node
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-08 | CVE-2022-28796 | Race Condition vulnerability in multiple products jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. | 7.0 |
2022-03-10 | CVE-2021-3733 | Resource Exhaustion vulnerability in multiple products There's a flaw in urllib's AbstractBasicAuthHandler class. | 6.5 |
2022-03-03 | CVE-2022-0492 | Missing Authorization vulnerability in multiple products A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. | 7.8 |
2022-02-26 | CVE-2022-23308 | Use After Free vulnerability in multiple products valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | 7.5 |
2022-02-26 | CVE-2020-36516 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products An issue was discovered in the Linux kernel through 5.16.11. | 5.9 |
2022-02-18 | CVE-2021-20322 | Use of Insufficiently Random Values vulnerability in multiple products A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. | 7.4 |
2022-02-09 | CVE-2022-0391 | Injection vulnerability in multiple products A flaw was found in Python, specifically within the urllib.parse module. | 7.5 |
2021-12-25 | CVE-2021-45485 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. | 7.5 |
2021-06-11 | CVE-2021-22897 | Exposure of Resource to Wrong Sphere vulnerability in multiple products curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. | 5.3 |
2021-06-11 | CVE-2021-22901 | Use After Free vulnerability in multiple products curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. | 8.1 |