NetApp Brocade Fabric Operating System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in NetApp Brocade Fabric Operating System.
By the Year
In 2026 there have been 0 vulnerabilities in NetApp Brocade Fabric Operating System. Brocade Fabric Operating System did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 7.50 |
| 2023 | 1 | 0.00 |
It may take a day or so for new Brocade Fabric Operating System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent NetApp Brocade Fabric Operating System Security Vulnerabilities
Mbed TLS 3.x Certificate Name Check Crash (CVE-2024-6119)
CVE-2024-6119
7.5 - High
- September 03, 2024
Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
Object Type Confusion
libcurl HTTP/2 Push Memory Leak CVE-2024-2398
CVE-2024-2398
- March 27, 2024
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
Missing Release of Resource after Effective Lifetime
OpenSSH (<9.3) ssh-add Smartcard keys added to ssh-agent without per-hop ACL
CVE-2023-28531
- March 17, 2023
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for NetApp Brocade Fabric Operating System or by NetApp? Click the Watch button to subscribe.
