Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Management_services_for_netapp_hci
(Netapp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-02-17 | CVE-2023-24329 | An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | Fedora, Active_iq_unified_manager, Management_services_for_element_software, Management_services_for_netapp_hci, Ontap_select_deploy_administration_utility, Python | 7.5 | ||
| 2023-07-25 | CVE-2023-37920 | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. | Certifi, Fedora, Active_iq_unified_manager, Management_services_for_element_software, Management_services_for_netapp_hci, Ontap_mediator, Ontap_select_deploy_administration_utility, Solidfire_\&_hci_storage_node | 9.8 | ||
| 2022-12-07 | CVE-2022-23491 | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of... | Certifi, E\-Series_performance_analyzer, Management_services_for_element_software, Management_services_for_netapp_hci | 7.5 | ||
| 2022-11-09 | CVE-2022-37966 | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | Fedora, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Management_services_for_element_software, Management_services_for_netapp_hci, Samba | N/A | ||
| 2022-11-09 | CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability | Fedora, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Management_services_for_element_software, Management_services_for_netapp_hci, Samba | N/A | ||
| 2022-11-09 | CVE-2022-38023 | Netlogon RPC Elevation of Privilege Vulnerability | Fedora, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Management_services_for_element_software, Management_services_for_netapp_hci, Samba | N/A | ||
| 2021-10-04 | CVE-2021-32626 | Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an... | Debian_linux, Fedora, Management_services_for_element_software, Management_services_for_netapp_hci, Communications_operations_monitor, Redis | 8.8 | ||
| 2021-10-04 | CVE-2021-32627 | Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and client-query-buffer-limit configuration parameters to very large values and constructing specially crafted very large stream elements. The problem is fixed in Redis 6.2.6, 6.0.16 and 5.0.14. For users unable to... | Debian_linux, Fedora, Management_services_for_element_software, Management_services_for_netapp_hci, Communications_operations_monitor, Redis | 7.5 | ||
| 2021-10-04 | CVE-2021-32628 | Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the default ziplist configuration parameters (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value) to a very large value, and then constructing specially crafted commands... | Debian_linux, Fedora, Management_services_for_element_software, Management_services_for_netapp_hci, Communications_operations_monitor, Redis | 7.5 | ||
| 2021-10-04 | CVE-2021-32672 | Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. | Debian_linux, Fedora, Management_services_for_element_software, Management_services_for_netapp_hci, Communications_operations_monitor, Enterprise_linux, Software_collections, Redis | 4.3 |