NetApp Steelstore
By the Year
In 2024 there have been 0 vulnerabilities in NetApp Steelstore . Steelstore did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 3 | 7.63 |
2018 | 3 | 5.70 |
It may take a day or so for new Steelstore vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent NetApp Steelstore Security Vulnerabilities
A vulnerability was found in Linux Kernel
CVE-2019-14815
7.8 - High
- November 25, 2019
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
Heap-based Buffer Overflow
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
CVE-2019-5481
9.8 - Critical
- September 16, 2019
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Double-free
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free
CVE-2019-7317
5.3 - Medium
- February 04, 2019
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
Dangling pointer
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack
CVE-2018-0734
5.9 - Medium
- October 30, 2018
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
Use of a Broken or Risky Cryptographic Algorithm
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack
CVE-2018-0735
5.9 - Medium
- October 29, 2018
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
Use of a Broken or Risky Cryptographic Algorithm
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use
CVE-2018-15919
5.3 - Medium
- August 28, 2018
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for OpenBSD OpenSSH or by NetApp? Click the Watch button to subscribe.
![subscribe](/images/undraw_subscriber_vabu.png)