NetApp Cloud Insights Telegraf
By the Year
In 2024 there have been 0 vulnerabilities in NetApp Cloud Insights Telegraf . Cloud Insights Telegraf did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 3 | 7.50 |
| 2021 | 1 | 6.50 |
| 2020 | 1 | 7.50 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Cloud Insights Telegraf vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent NetApp Cloud Insights Telegraf Security Vulnerabilities
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4
CVE-2022-28131
7.5 - High
- August 10, 2022
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.
Stack Exhaustion
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating
CVE-2021-39293
7.5 - High
- January 24, 2022
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.
Allocation of Resources Without Limits or Throttling
net/http in Go before 1.16.12 and 1.17.x before 1.17.5
CVE-2021-44716
7.5 - High
- January 01, 2022
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
Resource Exhaustion
The crypto/tls package of Go through 1.16.5 does not properly assert
CVE-2021-34558
6.5 - Medium
- July 15, 2021
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
Improper Certificate Validation
Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go)
CVE-2020-7919
7.5 - High
- March 16, 2020
Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.
Improper Certificate Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for NetApp Cloud Insights Telegraf or by NetApp? Click the Watch button to subscribe.
