Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Snap_creator_framework
(Netapp)Repositories |
• https://github.com/Perl/perl5
• https://github.com/dom4j/dom4j |
#Vulnerabilities | 41 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-10-28 | CVE-2021-22096 | In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. | Active_iq_unified_manager, Management_services_for_element_software_and_netapp_hci, Metrocluster_tiebreaker, Snap_creator_framework, Snapcenter, Communications_cloud_native_core_console, Communications_cloud_native_core_service_communication_proxy, Spring_framework | 4.3 | ||
2018-06-07 | CVE-2018-12015 | In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | Mac_os_x, Archive\:\:tar, Ubuntu_linux, Debian_linux, Data_ontap_edge, Oncommand_workflow_automation, Snap_creator_framework, Snapdrive, Perl | 7.5 | ||
2020-02-11 | CVE-2016-5710 | NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. | Snap_creator_framework | N/A | ||
2016-12-21 | CVE-2016-7172 | NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user. | Snap_creator_framework | 7.5 | ||
2017-02-07 | CVE-2016-5372 | Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | Snap_creator_framework | 6.3 |