Vulnerabilities (CVE)

Filtered by vendor Netapp Subscribe
Filtered by product Solidfire
Total 193 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-22922 6 Fedoraproject, Haxx, Netapp and 3 more 23 Fedora, Curl, Cloud Backup and 20 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.
CVE-2021-22890 8 Broadcom, Debian, Fedoraproject and 5 more 11 Fabric Operating System, Debian Linux, Fedora and 8 more 2024-11-21 4.3 MEDIUM 3.7 LOW
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check.
CVE-2021-22876 8 Broadcom, Debian, Fedoraproject and 5 more 12 Fabric Operating System, Debian Linux, Fedora and 9 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.
CVE-2021-22555 3 Brocade, Linux, Netapp 20 Fabric Operating System, Linux Kernel, Aff 500f and 17 more 2024-11-21 4.6 MEDIUM 8.3 HIGH
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CVE-2020-9391 3 Fedoraproject, Linux, Netapp 10 Fedora, Linux Kernel, Active Iq Unified Manager and 7 more 2024-11-21 2.1 LOW 5.5 MEDIUM
An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation.
CVE-2020-9383 5 Canonical, Debian, Linux and 2 more 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more 2024-11-21 3.6 LOW 7.1 HIGH
An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
CVE-2020-8992 4 Canonical, Linux, Netapp and 1 more 11 Ubuntu Linux, Linux Kernel, Active Iq Unified Manager and 8 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.
CVE-2020-8835 4 Canonical, Fedoraproject, Linux and 1 more 47 Ubuntu Linux, Fedora, Linux Kernel and 44 more 2024-11-21 7.2 HIGH 7.8 HIGH
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)
CVE-2020-8698 5 Debian, Fedoraproject, Intel and 2 more 49 Debian Linux, Fedora, Core I3-1000g1 and 46 more 2024-11-21 2.1 LOW 5.5 MEDIUM
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8696 4 Debian, Fedoraproject, Intel and 1 more 502 Debian Linux, Fedora, Celeron 3855u and 499 more 2024-11-21 2.1 LOW 5.5 MEDIUM
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8584 1 Netapp 4 Element Os, Hci Management Node, Hci Storage Node and 1 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution.
CVE-2020-8286 8 Apple, Debian, Fedoraproject and 5 more 20 Mac Os X, Macos, Debian Linux and 17 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
CVE-2020-8285 9 Apple, Debian, Fedoraproject and 6 more 30 Mac Os X, Macos, Debian Linux and 27 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
CVE-2020-8284 9 Apple, Debian, Fedoraproject and 6 more 29 Mac Os X, Macos, Debian Linux and 26 more 2024-11-21 4.3 MEDIUM 3.7 LOW
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.
CVE-2020-29369 2 Linux, Netapp 5 Linux Kernel, Hci Compute Node, Hci Management Node and 2 more 2024-11-21 6.9 MEDIUM 7.0 HIGH
An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.
CVE-2020-29368 2 Linux, Netapp 9 Linux Kernel, Cloud Backup, Element Software and 6 more 2024-11-21 6.9 MEDIUM 7.0 HIGH
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
CVE-2020-27223 5 Apache, Debian, Eclipse and 2 more 16 Nifi, Solr, Spark and 13 more 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.
CVE-2020-26116 7 Canonical, Debian, Fedoraproject and 4 more 9 Ubuntu Linux, Debian Linux, Fedora and 6 more 2024-11-21 6.4 MEDIUM 7.2 HIGH
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
CVE-2020-1971 8 Debian, Fedoraproject, Netapp and 5 more 46 Debian Linux, Fedora, Active Iq Unified Manager and 43 more 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).
CVE-2020-1752 4 Canonical, Debian, Gnu and 1 more 9 Ubuntu Linux, Debian Linux, Glibc and 6 more 2024-11-21 3.7 LOW 7.0 HIGH
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.