NetApp Max Data

Do you want an email whenever new security vulnerabilities are reported in NetApp Max Data?

By the Year

In 2022 there have been 0 vulnerabilities in NetApp Max Data . Max Data did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2022	0	0.00
2021	0	0.00
2020	4	7.95
2019	0	0.00
2018	0	0.00

It may take a day or so for new Max Data vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent NetApp Max Data Security Vulnerabilities

This affects the package express-fileupload before 1.1.8

CVE-2020-7699 9.8 - Critical - July 30, 2020

This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution.

Mass Assignment

In Python 3.8.4, sys.path restrictions specified in a python38

CVE-2020-15801 9.8 - Critical - July 17, 2020

In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected.

Untrusted Path

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML

CVE-2020-11022 6.1 - Medium - April 29, 2020

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

XSS

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements

CVE-2020-11023 6.1 - Medium - April 29, 2020

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Oracle Storagetek Acsls or by NetApp? Click the Watch button to subscribe.

NetApp
Vendor

NetApp Max Data
Product

By the Year

Recent NetApp Max Data Security Vulnerabilities

This affects the package express-fileupload before 1.1.8 CVE-2020-7699 9.8 - Critical - July 30, 2020

In Python 3.8.4, sys.path restrictions specified in a python38 CVE-2020-15801 9.8 - Critical - July 17, 2020

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML CVE-2020-11022 6.1 - Medium - April 29, 2020

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements CVE-2020-11023 6.1 - Medium - April 29, 2020