Netapp

Storagegrid

72 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-27318

  • EPSS 0.32%
  • Published 05.02.2024 21:15:10
  • Last modified 21.11.2024 07:52:38

StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service.

7.5

CVE-2022-38734

  • EPSS 0.1%
  • Published 02.03.2023 18:15:09
  • Last modified 07.03.2025 18:15:35

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service.

6.5

CVE-2022-23238

  • EPSS 0.75%
  • Published 10.08.2022 20:15:30
  • Last modified 21.11.2024 06:48:14

Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limi...

9.8

CVE-2022-37434

Exploit
  • EPSS 92.68%
  • Published 05.08.2022 07:15:07
  • Last modified 30.05.2025 20:15:30

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib s...

7.5

CVE-2022-1678

  • EPSS 0.52%
  • Published 25.05.2022 15:15:07
  • Last modified 21.11.2024 06:41:14

An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.

7.5

CVE-2022-0778

Warning
  • EPSS 7.81%
  • Published 15.03.2022 17:15:08
  • Last modified 21.11.2024 06:39:22

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed ...

4.9

CVE-2022-23232

  • EPSS 0.34%
  • Published 04.03.2022 18:15:08
  • Last modified 21.11.2024 06:48:14

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had a...

7.5

CVE-2022-23233

  • EPSS 0.39%
  • Published 04.03.2022 18:15:08
  • Last modified 21.11.2024 06:48:14

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service.

9.1

CVE-2022-23806

  • EPSS 0.02%
  • Published 11.02.2022 01:15:07
  • Last modified 21.11.2024 06:49:17

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

7.5

CVE-2022-23773

  • EPSS 0.07%
  • Published 11.02.2022 01:15:07
  • Last modified 21.11.2024 06:49:15

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.