NetApp Hci Storage Nodes
By the Year
In 2024 there have been 0 vulnerabilities in NetApp Hci Storage Nodes . Last year Hci Storage Nodes had 1 security vulnerability published. Right now, Hci Storage Nodes is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 8.10 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 6.70 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 9.80 |
It may take a day or so for new Hci Storage Nodes vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent NetApp Hci Storage Nodes Security Vulnerabilities
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server
CVE-2023-32250
8.1 - High
- July 10, 2023
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.
Race Condition
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free
CVE-2020-12464
6.7 - Medium
- April 29, 2020
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
Dangling pointer
In Eclipse Jetty
CVE-2017-7657
9.8 - Critical
- June 26, 2018
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
Integer Overflow or Wraparound
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Debian Linux or by NetApp? Click the Watch button to subscribe.
