NetApp
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any NetApp product.
RSS Feeds for NetApp security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in NetApp products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by NetApp Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 3 vulnerabilities in NetApp with an average score of 7.1 out of ten. Last year, in 2025 NetApp had 25 security vulnerabilities published. Right now, NetApp is on track to have less security vulnerabilities in 2026 than it did last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 1.01.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 7.10 |
| 2025 | 25 | 6.09 |
| 2024 | 138 | 5.92 |
| 2023 | 177 | 6.34 |
| 2022 | 427 | 6.15 |
| 2021 | 535 | 6.34 |
| 2020 | 375 | 5.93 |
| 2019 | 313 | 6.78 |
| 2018 | 180 | 6.31 |
It may take a day or so for new NetApp vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent NetApp Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-22052 | Mar 04, 2026 |
Info Disclosure in NetApp ONTAP 9.12.1+ S3 NAS BucketsONTAP versions 9.12.1 and higher with S3 NAS buckets are susceptible to an information disclosure vulnerability. Successful exploit could allow an authenticated attacker to view a listing of the contents in a directory for which they lack permission. |
Ontap 9
|
| CVE-2026-22048 | Feb 17, 2026 |
StorageGRID SSRF via Microsoft Entra ID SSO in 11.9.0.12/12.0.0.4StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.12 and 12.0.0.4 with Single Sign-on enabled and configured to use Microsoft Entra ID (formerly Azure AD) as an IdP are susceptible to a Server-Side Request Forgery (SSRF) vulnerability. Successful exploit could allow an authenticated attacker with low privileges to delete configuration data or deny access to some resources. |
Storagegrid
|
| CVE-2026-22050 | Jan 12, 2026 |
NetApp ONTAP 9.16.1/9.17.1 Snapshot Locking: set Expiry None (priv-remote)ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none. |
Ontap 9
|
| CVE-2025-26517 | Sep 19, 2025 |
StorageGRID <11.8.0.15/11.9.0.8: Privilege Escalation via Grid Node DiscoveryStorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a privilege escalation vulnerability. Successful exploit could allow an unauthorized authenticated attacker to discover Grid node names and IP addresses or modify Storage Grades. |
Storagegrid
|
| CVE-2025-26516 | Sep 19, 2025 |
StorageGRID Admin Node DoS via Unauth Access (v<11.8.0.15/11.9.0.8)StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service vulnerability. Successful exploit could allow an unauthenticated attacker to cause a Denial of Service on the Admin node. |
Storagegrid
|
| CVE-2025-26515 | Sep 19, 2025 |
StorageGRID SSRF (pre-11.8.0.15/11.9.0.8) Enables Unauth GM/TM Password ChangeStorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 without Single Sign-on enabled are susceptible to a Server-Side Request Forgery (SSRF) vulnerability. Successful exploit could allow an unauthenticated attacker to change the password of any Grid Manager or Tenant Manager non-federated user. |
Storagegrid
|
| CVE-2025-26514 | Sep 19, 2025 |
StorageGRID XSS Reflected Vulnerability (before 11.9.0.8)StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Reflected Cross-Site Scripting vulnerability. Successful exploit could allow an attacker to view or modify configuration settings or add or modify user accounts but requires the attacker to know specific information about the target instance and then trick a privileged user into clicking a specially crafted link. |
Storagegrid
|
| CVE-2025-27820 | Apr 24, 2025 |
Apache HttpClient 5.4.x: Domain check disabled in cookies & host validationA bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release |
Ontap Tools
|
| CVE-2025-30722 | Apr 15, 2025 |
Oracle MySQL Client 8.0.0-8.0.41 Vulnerable mysqldump Low-Priv Network ExploitVulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N). |
Snapcenter
Active Iq Unified Manager
|
| CVE-2025-21583 | Apr 15, 2025 |
Oracle MySQL 8.4.0/9.0.0 Server DDL DoS via NetworkVulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.4.0 and 9.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Snapcenter
|
| CVE-2025-31672 | Apr 09, 2025 |
Apache POI OOXML <=5.3 Duplicate Zip Entry Validation FlawImproper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names (including the path) in the zip. In this case, products reading the affected file could read different data because 1 of the zip entries with the duplicate name is selected over another but different products may choose a different zip entry. This issue affects Apache POI poi-ooxml before 5.4.0. poi-ooxml 5.4.0 has a check that throws an exception if zip entries with duplicate file names are found in the input file. Users are recommended to upgrade to version poi-ooxml 5.4.0, which fixes the issue. Please read https://poi.apache.org/security.html for recommendations about how to use the POI libraries securely. |
Active Iq Unified Manager
|
| CVE-2025-1734 | Mar 30, 2025 |
PHP <8.1.32/8.2.28/8.3.19/8.4.5: Invalid Headers Treated as ValidIn PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon (:) are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers. |
Ontap
|
| CVE-2025-1736 | Mar 30, 2025 |
PHP Header Injection via Insufficient EOL Validation (<=8.1.32, <=8.2.28, <=8.3.19, <=8.4.5)In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted. |
Ontap
|
| CVE-2025-1861 | Mar 30, 2025 |
PHP 8.1-8.4 Lim. on HTTP Redirect Location Buffer (CVE-2025-1861)In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. |
Ontap
|
| CVE-2025-25291 | Mar 12, 2025 |
ruby-saml Auth Bypass via ReXML/Nokogiri Diff <1.12.4/1.18.0ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue. |
Storagegrid
|
| CVE-2025-25292 | Mar 12, 2025 |
Ruby-saml Auth Bypass via Signature Wrapping (before 1.12.4/1.18.0)ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 contain a patch for the issue. |
Storagegrid
|
| CVE-2025-27423 | Mar 03, 2025 |
Vim 9.1.0858 tar.vim Exec via Unsanitized :read – fixed 9.1.1164Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164 |
Hci Compute Node
|
| CVE-2025-26603 | Feb 18, 2025 |
Vim <9.1.1115 UAF via :display redirect to clipboard registers * or +Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability. |
Hci Compute Node
|
| CVE-2025-26465 | Feb 18, 2025 |
OpenSSH VerifyHostKeyDNS DoS via Host Key Verification ErrorA vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high. |
Active Iq Unified Manager
Ontap
|
| CVE-2025-26511 | Feb 13, 2025 |
Instaclustr Cassandra-Lucene-Index RBAC Bypass 4.0-rc1-4.1.8Systems running the Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin versions 4.0-rc1-1.0.0 through 4.0.16-1.0.0 and 4.1.2-1.0.0 through 4.1.8-1.0.0, installed into Apache Cassandra version 4.x, are susceptible to a vulnerability which when successfully exploited could allow authenticated Cassandra users to remotely bypass RBAC and escalate their privileges. |
|
| CVE-2025-1215 | Feb 12, 2025 |
Vim 9.1.1096 Memory Corruption via --logA vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component. |
Bootstrap Os
|
| CVE-2025-1181 | Feb 11, 2025 |
Critical MemCorrupt in GNU Binutils 2.43 via _bfd_elf_gc_mark_rsecA vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue. |
Ontap Select Deploy Administration Utility
Active Iq Unified Manager
|
| CVE-2025-1178 | Feb 11, 2025 |
GNU Binutils 2.43: ld bfd_putl64 Memory Corruption (Remote, Hard Exploit)A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue. |
Ontap Select Deploy Administration Utility
Active Iq Unified Manager
|
| CVE-2025-0725 | Feb 05, 2025 |
libcurl Buffer Overflow via old zlib 1.2.0.3 integer overflow (CURLOPT_ACCEPT_ENCODING)When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. |
Hci Baseboard Management Controller
Solidfire Hci Management Node
Solidfire Hci Storage Node
And others... |
| CVE-2025-0167 | Feb 05, 2025 |
curl Leaks Netrc Password to Redirected HostWhen asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance. |
Element Software
Ontap Select Deploy Administration Utility
Solidfire Hci Management Node
And others... |
| CVE-2025-0509 | Feb 04, 2025 |
Sparkle <=2.6.4 Bypass EDSA Signing for Update ReplacementA security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkles (Ed)DSA signing checks. |
Hci Compute Node
Oncommand Workflow Automation
|
| CVE-2025-21492 | Jan 21, 2025 |
Oracle MySQL 8.0.36/8.4.0 Server Optimizer DoS via NetworkVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Oncommand Workflow Automation
Oncommand Insight
Active Iq Unified Manager
And others... |
| CVE-2025-21502 | Jan 21, 2025 |
Oracle GraalVM JDK Hotspot CVE-2025-21502: Unauth Data Access (8u431-23.0.1)Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). |
Oncommand Workflow Automation
Oncommand Insight
Active Iq Unified Manager
And others... |
| CVE-2024-11053 | Dec 11, 2024 |
curl: Authentication Credential Leakage via HTTP RedirectsWhen asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password. |
Ontap Select Deploy Administration Utility
Ontap
|
| CVE-2024-8932 | Nov 22, 2024 |
PHP ldap_escape() Integer Overflow Vulnerability on 32-bit SystemsIn PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write. |
Ontap
|
| CVE-2024-3447 | Nov 14, 2024 |
QEMU SDHCI Emulation Heap-based Buffer Overflow VulnerabilityA heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. |
Hci Compute Node
|
| CVE-2024-52533 | Nov 11, 2024 |
GNOME GLib 2.x SOCKS4 Proxy Buffer Overflow Vulnerabilitygio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character. |
Active Iq Unified Manager
Ontap Tools
|
| CVE-2024-21994 | Nov 08, 2024 |
StorageGRID 11.8 DoS via Service CrashStorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to a service crash. |
Storagegrid
|
| CVE-2024-38286 | Nov 07, 2024 |
Apache Tomcat TLS Handshake DoSAllocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.35 through 8.5.100 and 7.0.92 through 7.0.109. Other EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue. Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process. |
Ontap Tools
|
| CVE-2024-49761 | Oct 28, 2024 |
REXML 3.3.8 ReDoS via Hex Numeric RefREXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. |
Ontap Tools
|
| CVE-2024-9823 | Oct 14, 2024 |
Jetty DosFilter OOM DoS via Crafted RequestsThere exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally. |
Active Iq Unified Manager
|
| CVE-2024-47554 | Oct 03, 2024 |
Uncontrolled CPU in Apache Commons IO <2.14.0 - XmlStreamReaderUncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue. |
Snapcenter
E Series Santricity Web Services Proxy
E Series Santricity Unified Manager
And others... |
| CVE-2024-47561 | Oct 03, 2024 |
Apache Avro 1.11.x Java SDK Schema Parsing Arbitrary Code ExecSchema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4 or 1.12.0, which fix this issue. |
Active Iq Unified Manager
Brocade San Navigator
|
| CVE-2024-7254 | Sep 19, 2024 |
Java Protobuf: StackOverflow via Untrusted Nested SGROUP TagsAny project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker. |
Active Iq Unified Manager
Bluexp
Ontap Tools
And others... |
| CVE-2024-8096 | Sep 11, 2024 |
curl OCSP Stapling fails to reject nonrevoked error statusesWhen curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate. |
Ontap Select Deploy Administration Utility
Active Iq Unified Manager
Ontap Tools
And others... |
| CVE-2024-8372 | Sep 09, 2024 |
AngularJS srcset Sanitization Flaw (1.3.0rc.4+) Content SpoofingImproper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects AngularJS versions 1.3.0-rc.4 and greater. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status . |
Active Iq Unified Manager
|
| CVE-2024-8373 | Sep 09, 2024 |
AngularJS: srcset Sanitization Exploit Enables Image SpoofingImproper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status . |
Active Iq Unified Manager
|
| CVE-2024-6119 | Sep 03, 2024 |
Mbed TLS 3.x Certificate Name Check Crash (CVE-2024-6119)Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. |
Ontap Select Deploy Administration Utility
Active Iq Unified Manager
Management Services Element Software Netapp Hci
And others... |
| CVE-2024-38808 | Aug 20, 2024 |
Spring Framework 5.3.0-5.3.38 DoS via SpEL ExprIn Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition. Specifically, an application is vulnerable when the following is true: * The application evaluates user-supplied SpEL expressions. |
Oncommand Insight
Active Iq Unified Manager
|
| CVE-2024-21145 | Jul 16, 2024 |
Unauthenticated 2D API Data Leak in Oracle Java SE (8u41121.0.3)Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). |
Oncommand Workflow Automation
Oncommand Insight
Bluexp
And others... |
| CVE-2024-21131 | Jul 16, 2024 |
Oracle Java SE / GraalVM Hotspot RCE via API, before 21.0.3Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). |
Oncommand Workflow Automation
Oncommand Insight
Active Iq Unified Manager
And others... |
| CVE-2024-21144 | Jul 16, 2024 |
Concurrency Flaw Allowing Partial DoS in Oracle Java SE 8u411 & 11.0.23Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). |
Oncommand Workflow Automation
|
| CVE-2024-21140 | Jul 16, 2024 |
HotSpot RCE in Oracle Java SE 8u411/11.0.23/17.0.11 (CVE-2024-21140)Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). |
Oncommand Workflow Automation
Oncommand Insight
Active Iq Unified Manager
And others... |
| CVE-2024-21138 | Jul 16, 2024 |
Oracle Java SE Hotspot DoS CVE-2024-21138 (8u411-22.0.1)Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). |
Oncommand Workflow Automation
Oncommand Insight
Active Iq Unified Manager
And others... |
| CVE-2024-21147 | Jul 16, 2024 |
Unauthenticated Remote Exploit via Hotspot in Oracle Java SE 8u411, 11.0.23Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). |
Oncommand Workflow Automation
Oncommand Insight
Active Iq Unified Manager
And others... |