Netapp

Clustered Data Ontap Antivirus Connector

23 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2021-3711

  • EPSS 2.75%
  • Veröffentlicht 24.08.2021 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:12

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen...

7.4

CVE-2021-3712

Warnung
  • EPSS 0.82%
  • Veröffentlicht 24.08.2021 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:13

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the s...

6.5

CVE-2021-3541

  • EPSS 0.07%
  • Veröffentlicht 09.07.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:48

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

7.8

CVE-2021-3516

Exploit
  • EPSS 0.36%
  • Veröffentlicht 01.06.2021 14:15:10
  • Zuletzt bearbeitet 21.11.2024 06:21:43

There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availabi...

8.6

CVE-2021-3517

  • EPSS 0.09%
  • Veröffentlicht 19.05.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:44

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-o...

8.8

CVE-2021-3518

  • EPSS 0.25%
  • Veröffentlicht 18.05.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:44

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, inte...

5.9

CVE-2021-3537

  • EPSS 0.11%
  • Veröffentlicht 14.05.2021 20:15:16
  • Zuletzt bearbeitet 21.11.2024 06:21:47

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could...

5.9

CVE-2020-1971

  • EPSS 0.34%
  • Veröffentlicht 08.12.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:11:45

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they...

6.5

CVE-2020-24977

Exploit
  • EPSS 0.55%
  • Veröffentlicht 04.09.2020 00:15:10
  • Zuletzt bearbeitet 21.11.2024 05:16:15

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

7.5

CVE-2019-19956

  • EPSS 0.15%
  • Veröffentlicht 24.12.2019 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:35:44

xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.