Latest NetApp VASA Provider for Clustered Data ONTAP Vulnerabilities

Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when the ${jetty.base} directory or the ${jetty.base}/webapps directory is a symlink. By sen...
redhat/rh-eclipse-jetty<0:9.4.40-1.1.el7_9
redhat/jenkins<0:2.277.3.1620393611-1.el8
redhat/runc<0:1.0.0-95.rhaos4.8.gitcd80260.el8
redhat/jetty<9.4.39
redhat/jetty<10.0.2
redhat/jetty<11.0.2
and 33 more
Impact: When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU re...
maven/org.eclipse.jetty:jetty-server>=11.0.0<11.0.2
maven/org.eclipse.jetty:jetty-server>=10.0.0<10.0.2
maven/org.eclipse.jetty:jetty-server>=7.2.2<9.4.39
redhat/rh-eclipse-jetty<0:9.4.40-1.1.el7_9
redhat/jenkins<0:2.277.3.1620393611-1.el8
redhat/runc<0:1.0.0-95.rhaos4.8.gitcd80260.el8
and 29 more
Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by improper input validation by the default compliance mode. By sending specially-crafted requests with URIs that co...
redhat/rh-eclipse-jetty<0:9.4.40-1.1.el7_9
redhat/jetty<9.4.39
Eclipse Jetty=9.4.37-20210219
Eclipse Jetty=9.4.38-20210224
NetApp Cloud Manager
Netapp E-series Performance Analyzer
and 16 more
Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the services listing page. A remote attacker could exploit this vulnerability using the styleS...
Apache CXF<3.3.8
Apache CXF>=3.4.0<3.4.1
NetApp Snap Creator Framework
Netapp Vasa Provider For Clustered Data Ontap>=9.6
Oracle Business Intelligence=5.5.0.0.0
Oracle Business Intelligence=5.9.0.0.0
and 14 more
NTP is vulnerable to a denial of service, caused by a flaw in ntpd. By sending a server mode packet with a spoofed source IP address, a remote attacker could exploit this vulnerability to block unauth...
IBM ISAM<=9.0.7
IBM Security Verify Access<=10.0.0
redhat/ntp<4.2.8
redhat/ntp<4.3.100
NTP ntp<=4.2.7
NTP ntp>=4.3.98<4.3.100
and 52 more
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
debian/linux<=4.9.168-2<=4.19.28-2<=3.16.64-2<=4.9.168-1
ubuntu/linux<4.15.0-55.60
ubuntu/linux<5.0.0-16.17
ubuntu/linux<5.1~
ubuntu/linux<4.4.0-150.176
ubuntu/linux-aws<4.15.0-1047.49
and 93 more
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
debian/linux
Linux Linux kernel<3.16.66
Linux Linux kernel>=3.17<3.18.139
Linux Linux kernel>=3.19<4.4.179
Linux Linux kernel>=4.5<4.9.169
Linux Linux kernel>=4.10<4.14.112
and 12 more
Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a listing of directory contents. By sending a specially-crafted request, a rem...
Eclipse Jetty=9.2.27-20190403
Eclipse Jetty=9.3.26-20190403
Eclipse Jetty=9.4.16-20190411
Microsoft Windows
NetApp OnCommand System Manager>=3.0<=3.1.3
NetApp Snap Creator Framework
and 49 more
Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulner...
IBM Cognos Command Center<=10.2.4.1
debian/jetty9
redhat/jetty<9.2.28
redhat/jetty<9.3.27
redhat/jetty<9.4.16
Eclipse Jetty=7.0.0-20091005
and 334 more
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets fa...
redhat/kernel<0:2.6.32-754.24.2.el6
redhat/kernel-rt<0:3.10.0-1062.rt56.1022.el7
redhat/kernel-alt<0:4.14.0-115.10.1.el7a
redhat/kernel<0:3.10.0-1062.el7
redhat/kernel<0:3.10.0-693.61.1.el7
redhat/kernel<0:3.10.0-862.44.2.el7
and 114 more
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local at...
redhat/kernel-rt<0:3.10.0-1062.rt56.1022.el7
redhat/kernel<0:3.10.0-1062.el7
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
ubuntu/linux<4.15.0-50.54
ubuntu/linux<4.18.0-20.21
and 99 more
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
redhat/kernel-rt<0:3.10.0-1160.rt56.1131.el7
redhat/kernel<0:3.10.0-1160.el7
redhat/kernel<0:3.10.0-957.65.1.el7
redhat/kernel<0:3.10.0-1062.43.1.el7
ubuntu/linux<4.15.0-44.47
ubuntu/linux<4.18.0-14.15
and 82 more
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unaut...
Oracle JDK=1.7.0-update181
Oracle JDK=1.8.0-update172
Oracle JRE=1.7.0-update181
Oracle JRE=1.8.0-update172
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Active Iq Unified Manager Windows
and 13 more
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Supported versions that are affected are Java SE: 6u191, 7u181 and 8u172. Difficult to exploit vulnerability allows un...
Oracle JDK=1.6.0-update191
Oracle JDK=1.7.0-update181
Oracle JDK=1.8.0-update172
Oracle JRE=1.6.0-update191
Oracle JRE=1.7.0-update181
Oracle JRE=1.8.0-update172
and 15 more
Oracle Java SE 7u191, 8u181, and 10.0.2 fixes an unspecified vulnerability in the JavaFX component (CVE-2018-2941, https://access.redhat.com/security/cve/CVE-2018-2941). Upstream has CVS...
redhat/java<1.7.0-oracle-1:1.7.0.191-1jpp.1.el6
redhat/java<1.8.0-oracle-1:1.8.0.181-1jpp.2.el6
redhat/java<1.8.0-oracle-1:1.8.0.181-1jpp.2.el7
redhat/java<1.7.0-oracle-1:1.7.0.191-1jpp.2.el7
Oracle JDK=1.7.0-update181
Oracle JDK=1.8.0-update172
and 19 more
Oracle Java SE 6u201, 7u191, 8u181, and 10.0.2 fixes an unspecified vulnerability in the Libraries component (CVE-2018-2940, https://access.redhat.com/security/cve/CVE-2018-2940). Upstre...
redhat/java<1.7.0-oracle-1:1.7.0.191-1jpp.1.el6
redhat/java<1.8.0-oracle-1:1.8.0.181-1jpp.2.el6
redhat/java<1.6.0-sun-1:1.6.0.211-1jpp.1.el6
redhat/java<1.8.0-oracle-1:1.8.0.181-1jpp.2.el7
redhat/java<1.7.0-oracle-1:1.7.0.191-1jpp.2.el7
redhat/java<1.6.0-sun-1:1.6.0.211-1jpp.1.el7
and 37 more
Oracle Java SE 6u201, 7u191, 8u181, and 10.0.2 fixes an unspecified vulnerability in the JSSE component (CVE-2018-2973, https://access.redhat.com/security/cve/CVE-2018-2973). Upstream ha...
redhat/java<1.7.0-oracle-1:1.7.0.191-1jpp.1.el6
redhat/java<1.8.0-oracle-1:1.8.0.181-1jpp.2.el6
redhat/java<1.6.0-sun-1:1.6.0.211-1jpp.1.el6
redhat/java<1.8.0-oracle-1:1.8.0.181-1jpp.2.el7
redhat/java<1.7.0-oracle-1:1.7.0.191-1jpp.2.el7
redhat/java<1.6.0-sun-1:1.6.0.211-1jpp.1.el7
and 38 more
Oracle Java SE 8u181 and 10.0.2 fixes an unspecified vulnerability in the Deployment component (CVE-2018-2964, https://access.redhat.com/security/cve/CVE-2018-2964). Upstream has CVSS sc...
redhat/java<1.8.0-oracle-1:1.8.0.181-1jpp.2.el6
redhat/java<1.8.0-oracle-1:1.8.0.181-1jpp.2.el7
Oracle JDK=1.8.0-update172
Oracle JDK=10.0.1
Oracle JRE=1.8.0-update172
Oracle JRE=10.0.1
and 16 more
It was discovered that the implementation of the PatternSyntaxException class in the Concurrency component of OpenJDK failed to sufficiently validate the 'index' value (to ensure it's not greater than...
ubuntu/openjdk-7<7
ubuntu/openjdk-7<7
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-8<8
ubuntu/openjdk-lts<10.0.2+13-1ubuntu0.18.04.1
and 55 more
