Product:

Ontap_select_deploy_administration_utility

(Netapp)
Repositories https://github.com/torvalds/linux
#Vulnerabilities 165
Date Id Summary Products Score Patch Annotated
2022-05-16 CVE-2022-1587 An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. Fedora, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Ontap_select_deploy_administration_utility, Solidfire, Pcre2, Enterprise_linux 9.1
2022-05-26 CVE-2022-1664 Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs. Debian_linux, Dpkg, Ontap_select_deploy_administration_utility 9.8
2022-06-13 CVE-2022-29244 npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. `--workspaces`, `--workspace=<name>`). Anyone who has run `npm pack` or `npm publish` inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published files into the npm registry they did not intend to include. Users should upgrade to the latest, patched version of npm v8.11.0, run: npm i -g npm@latest . Node.js versions v16.15.1,... Ontap_select_deploy_administration_utility, Npm 7.5
2022-08-03 CVE-2022-35737 SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. Ontap_select_deploy_administration_utility, Universal_forwarder, Sqlite 7.5
2022-07-01 CVE-2022-34903 GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. Debian_linux, Fedora, Gnupg, Active_iq_unified_manager, Ontap_select_deploy_administration_utility 6.5
2022-07-06 CVE-2021-3695 A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to achieve signifcant results, also the values written into the memory are repeated three times in a row making difficult to produce valid... Fedora, Grub2, Ontap_select_deploy_administration_utility, Codeready_linux_builder, Developer_tools, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Openshift, Openshift_container_platform 4.5
2022-07-06 CVE-2021-3696 A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. Grub2, Ontap_select_deploy_administration_utility, Codeready_linux_builder, Developer_tools, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Openshift, Openshift_container_platform 4.5
2022-07-29 CVE-2022-34526 A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities. Debian_linux, Fedora, Libtiff, Active_iq_unified_manager, Ontap_select_deploy_administration_utility 6.5
2022-08-24 CVE-2021-3999 A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system. Debian_linux, Glibc, E\-Series_performance_analyzer, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Nfs_plug\-In, Ontap_select_deploy_administration_utility 7.8
2022-08-23 CVE-2021-3975 A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. Ubuntu_linux, Debian_linux, Fedora, Ontap_select_deploy_administration_utility, Codeready_linux_builder, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Libvirt 6.5