Vulnerabilities > Netapp > Storagegrid
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-2755 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). | 3.7 |
| 2020-04-15 | CVE-2020-2754 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). | 3.7 |
| 2020-03-13 | CVE-2020-8571 | Unspecified vulnerability in Netapp Storagegrid 10.0.0/11.3 StorageGRID (formerly StorageGRID Webscale) versions 10.0.0 through 11.3 prior to 11.2.0.8 and 11.3.0.4 are susceptible to a vulnerability which allows an unauthenticated remote attacker to cause a Denial of Service (DoS). | 5.0 |
| 2019-02-27 | CVE-2019-1559 | Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. | 5.9 |
| 2018-04-19 | CVE-2018-2826 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). | 8.3 |
| 2018-04-19 | CVE-2018-2825 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). | 8.3 |
| 2018-03-26 | CVE-2018-1312 | Improper Authentication vulnerability in multiple products In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. | 9.8 |
| 2018-03-26 | CVE-2018-1303 | Out-of-bounds Read vulnerability in multiple products A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. | 7.5 |
| 2018-03-26 | CVE-2018-1302 | NULL Pointer Dereference vulnerability in multiple products When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. | 5.9 |
| 2018-03-26 | CVE-2018-1301 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. | 5.9 |