Product:

Snap_creator_framework

(Netapp)
Repositories https://github.com/Perl/perl5
https://github.com/dom4j/dom4j
#Vulnerabilities 41
Date Id Summary Products Score Patch Annotated
2021-10-28 CVE-2021-22096 In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. Active_iq_unified_manager, Management_services_for_element_software_and_netapp_hci, Metrocluster_tiebreaker, Snap_creator_framework, Snapcenter, Communications_cloud_native_core_console, Communications_cloud_native_core_service_communication_proxy, Spring_framework 4.3
2018-06-07 CVE-2018-12015 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. Mac_os_x, Archive\:\:tar, Ubuntu_linux, Debian_linux, Data_ontap_edge, Oncommand_workflow_automation, Snap_creator_framework, Snapdrive, Perl 7.5
2020-02-11 CVE-2016-5710 NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. Snap_creator_framework N/A
2016-12-21 CVE-2016-7172 NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user. Snap_creator_framework 7.5
2017-02-07 CVE-2016-5372 Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. Snap_creator_framework 6.3