Latest NetApp Bootstrap OS Vulnerabilities

A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA (RFC 3490) decoder, such that a crafted unreasonably long name being presented to the decoder ...
redhat/python3<0:3.6.8-48.el8_7.1
redhat/python3.9<0:3.9.14-1.el9_1.2
IBM Cloud Pak for Security<=1.10.0.0 - 1.10.11.0
IBM QRadar Suite Software<=1.10.12.0 - 1.10.16.0
redhat/python<3.11.1
redhat/python<3.10.9
and 51 more
A vulnerability was found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTP(S) server, where it accepts cookies using control codes (byte values below 32), a...
redhat/jbcs-httpd24-curl<0:7.86.0-2.el8
redhat/jbcs-httpd24-curl<0:7.86.0-2.el7
redhat/curl<0:7.61.1-30.el8
redhat/curl<0:7.76.1-23.el9
Apple macOS Ventura<13.1
Apple macOS Monterey<12.6.3
and 33 more
curl. Multiple issues were addressed by updating to curl version 7.84.0.
redhat/jbcs-httpd24-curl<0:7.86.0-2.el8
redhat/jbcs-httpd24-curl<0:7.86.0-2.el7
redhat/curl<0:7.61.1-22.el8_6.4
redhat/curl<0:7.76.1-14.el9_0.5
debian/curl<=7.64.0-4+deb10u2
Apple macOS Ventura<13
and 33 more
curl. Multiple issues were addressed by updating to curl version 7.84.0.
redhat/jbcs-httpd24-curl<0:7.86.0-2.el8
redhat/jbcs-httpd24-curl<0:7.86.0-2.el7
redhat/curl<0:7.76.1-14.el9_0.5
debian/curl
Apple macOS Ventura<13
redhat/curl<7.84.0
and 31 more
A vulnerability was found in curl. This issue occurs because the number of acceptable "links" in the "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited nu...
redhat/jbcs-httpd24-curl<0:7.86.0-2.el8
redhat/jbcs-httpd24-curl<0:7.86.0-2.el7
redhat/curl<0:7.61.1-22.el8_6.4
redhat/curl<0:7.61.1-18.el8_4.3
redhat/curl<0:7.76.1-14.el9_0.5
debian/curl<=7.64.0-4+deb10u2
and 57 more
OpenSSL could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the c_rehash script. By sending a specially-crafted request u...
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el8
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el7
redhat/openssl<1:1.1.1k-7.el8_6
redhat/openssl<1:3.0.1-41.el9_0
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el7
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el8
and 95 more
An issue was discovered in the Linux kernel from 4.18 to 4.19: an improper update of the sock reference in TCP pacing can lead to a memory/netns leak, which can be used by remote clients.
Linux Linux kernel>=4.18<=4.19
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Cloud Volumes Ontap Mediator
NetApp E-Series SANtricity OS Controller>=11.0<=11.70.2
Netapp Element Software
Netapp Hci Management Node
and 20 more
An improper authentication vulnerability exists in curl 7.33.0 up to and including 7.82.0, which might allow reuse of OAUTH2-authenticated connections without properly making sure that the connection was aut...
debian/curl<=7.64.0-4+deb10u2
debian/curl<=7.82.0-2<=7.74.0-1.3+deb11u1<=7.64.0-4+deb10u2
Haxx Curl>=7.33.0<7.83.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
NetApp Clustered Data ONTAP
and 26 more
An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
and 48 more
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14,...
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el8_5
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_1
and 168 more
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown att...
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
and 50 more
A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack (MITM) performs an IP fragmentation attack and an IPID collision. This flaw allow...
redhat/kernel-rt<0:4.18.0-425.3.1.rt7.213.el8
redhat/kernel<0:4.18.0-425.3.1.el8
redhat/kernel<0:5.14.0-162.6.1.el9_1
redhat/kernel-rt<0:5.14.0-162.6.1.rt21.168.el9_1
ubuntu/linux<4.15.0-176.185
ubuntu/linux<5.4.0-109.123
and 204 more
A flaw was found in libxml2. A call to the xmlGetID function can return a pointer already freed when parsing an XML document with the XML_PARSE_DTDVALID option and without the XML_PARSE_NOENT option, ...
redhat/jbcs-httpd24-apr-util<0:1.6.1-91.el8
redhat/jbcs-httpd24-curl<0:7.78.0-3.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-80.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-41.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-11.el8
redhat/jbcs-httpd24-openssl-chil<0:1.0.0-11.el8
and 75 more
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
redhat/kernel-rt<0:4.18.0-305.57.1.rt7.129.el8_4
redhat/kernel<0:4.18.0-305.57.1.el8_4
Linux Linux kernel<5.15
Linux Linux kernel=5.15
and 175 more
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out-of-bounds read in vt as the write access to vc_mode is not protected by lock in vt_io...
Linux Linux kernel<5.15
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Apple iPadOS
Netapp Element Software
Netapp Hci Management Node
and 172 more
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attacke...
ubuntu/linux<4.15.0-109.110
ubuntu/linux<5.3.0-62.56
ubuntu/linux<5.4.0-40.44
ubuntu/linux<5.7~
ubuntu/linux<4.4.0-185.215
ubuntu/linux-aws<4.15.0-1077.81
and 153 more
Linux Kernel is vulnerable to a denial of service, caused by improper handling of attempts to access disabled memory space by the VFIO PCI driver. By sending a specially-crafted request, a local attac...
redhat/kernel-rt<0:3.10.0-1127.13.1.rt56.1110.el7
redhat/kernel<0:3.10.0-1127.13.1.el7
redhat/kernel-alt<0:4.14.0-115.26.1.el7a
redhat/kernel<0:3.10.0-327.89.1.el7
redhat/kernel<0:3.10.0-514.78.1.el7
redhat/kernel<0:3.10.0-693.71.2.el7
and 183 more
A flaw was found in the Linux kernel on s390 architecture. The issue occurs on multiprocessing systems when one s390 CPU is in Secondary Address Mode and another CPU does a kernel page table upgrade. ...
redhat/kernel<0:4.18.0-193.1.2.el8_2
redhat/kernel<0:4.18.0-80.23.2.el8_0
redhat/kernel<0:4.18.0-147.13.2.el8_1
redhat/kernel<5.7
ubuntu/linux<4.15.0-99.100
ubuntu/linux<5.3.0-51.44
and 107 more
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
redhat/kernel-rt<0:3.10.0-1160.rt56.1131.el7
redhat/kernel<0:3.10.0-1160.el7
redhat/kernel<0:3.10.0-693.81.1.el7
redhat/kernel<0:3.10.0-957.65.1.el7
redhat/kernel<0:3.10.0-1062.40.1.el7
redhat/kernel-rt<0:4.18.0-240.rt7.54.el8
and 157 more
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a su...
Libssh2 Libssh2<=1.9.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
openSUSE Leap=15.1
Debian Debian Linux=8.0
Debian Debian Linux=9.0
and 7 more

© 2024 SecAlerts Pty Ltd.