Communications Cloud Native Core Binding Support Function

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-16	CVE-2021-3752	Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. high complexity linux redhat fedoraproject netapp debian oracle CWE-362	7.1
2022-02-16	CVE-2021-3773	A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. network low complexity linux fedoraproject redhat oracle critical	9.8
2022-01-31	CVE-2022-0286	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux oracle CWE-476	5.5
2022-01-18	CVE-2021-4083	Race Condition vulnerability in multiple products A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. local high complexity linux netapp debian oracle CWE-362	7.0
2022-01-14	CVE-2022-23219	Classic Buffer Overflow vulnerability in multiple products The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. network low complexity gnu oracle debian CWE-120 critical	9.8
2021-12-25	CVE-2021-45485	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. network low complexity linux netapp oracle CWE-327	7.5
2021-12-25	CVE-2021-45486	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. low complexity linux oracle CWE-327	3.5
2021-12-13	CVE-2021-43818	lxml is a library for processing XML and HTML in the Python language. network low complexity lxml fedoraproject debian netapp oracle	7.1
2021-12-09	CVE-2021-43797	Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. network low complexity netty quarkus netapp oracle debian	6.5
2021-12-08	CVE-2021-43527	Out-of-bounds Write vulnerability in multiple products NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. network low complexity mozilla netapp oracle starwindsoftware CWE-787 critical	9.8