Vulnerabilities > Netapp > Storagegrid

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2023-27318 Unspecified vulnerability in Netapp Storagegrid 11.6.0
StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability.
network
low complexity
netapp
7.5
2023-03-02 CVE-2022-38734 Unspecified vulnerability in Netapp Storagegrid
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability.
network
low complexity
netapp
7.5
2022-08-05 CVE-2022-37434 Out-of-bounds Write vulnerability in multiple products
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.
network
low complexity
zlib fedoraproject debian netapp apple stormshield CWE-787
critical
9.8
2022-05-25 CVE-2022-1678 An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
network
low complexity
linux netapp
7.5
2022-03-15 CVE-2022-0778 Infinite Loop vulnerability in multiple products
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli.
7.5
2022-03-04 CVE-2022-23232 Unspecified vulnerability in Netapp Storagegrid
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access.
network
low complexity
netapp
4.9
2022-03-04 CVE-2022-23233 Unspecified vulnerability in Netapp Storagegrid
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service.
network
low complexity
netapp
5.0
2022-02-11 CVE-2022-23772 Integer Overflow or Wraparound vulnerability in multiple products
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
network
low complexity
golang netapp debian CWE-190
7.5
2022-02-11 CVE-2022-23773 Interpretation Conflict vulnerability in multiple products
cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags.
network
low complexity
golang netapp CWE-436
7.5
2022-02-11 CVE-2022-23806 Unchecked Return Value vulnerability in multiple products
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
network
low complexity
golang netapp debian CWE-252
critical
9.1