NetApp Kubernetes Monitoring Operator

Do you want an email whenever new security vulnerabilities are reported in NetApp Kubernetes Monitoring Operator?

By the Year

In 2023 there have been 0 vulnerabilities in NetApp Kubernetes Monitoring Operator . Last year Kubernetes Monitoring Operator had 4 security vulnerabilities published. Right now, Kubernetes Monitoring Operator is on track to have less security vulnerabilities in 2023 than it did last year.

Year	Vulnerabilities	Average Score
2023	0	0.00
2022	4	7.90
2021	0	0.00
2020	0	0.00
2019	0	0.00
2018	0	0.00

It may take a day or so for new Kubernetes Monitoring Operator vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent NetApp Kubernetes Monitoring Operator Security Vulnerabilities

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow

CVE-2022-24675 7.5 - High - April 20, 2022

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.

Allocation of Resources Without Limits or Throttling

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value

CVE-2022-23806 9.1 - Critical - February 11, 2022

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

Unchecked Return Value

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags

CVE-2022-23773 7.5 - High - February 11, 2022

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.

AuthZ

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow

CVE-2022-23772 7.5 - High - February 11, 2022

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.

Integer Overflow or Wraparound

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Debian Linux or by NetApp? Click the Watch button to subscribe.

NetApp
Vendor

NetApp Kubernetes Monitoring Operator
Product

NetApp Kubernetes Monitoring Operator

By the Year

Recent NetApp Kubernetes Monitoring Operator Security Vulnerabilities

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow CVE-2022-24675 7.5 - High - April 20, 2022

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value CVE-2022-23806 9.1 - Critical - February 11, 2022

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags CVE-2022-23773 7.5 - High - February 11, 2022

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow CVE-2022-23772 7.5 - High - February 11, 2022