Netapp Element_plug-in_for_vcenter_server

9 CVEs affecting Netapp Element_plug-in_for_vcenter_server. Latest disclosed: 2022-07-07. Critical: 1, High: 2.

Top CVEs affecting Netapp Element_plug-in_for_vcenter_server
CVESeverityScorePublishedSummary
CVE-2021-26987Critical9.82021-03-15Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which whe…
CVE-2022-2048High7.52022-07-07In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning…
CVE-2019-5492High7.52019-04-29Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node v…
CVE-2021-34429Medium5.32021-07-15For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF…
CVE-2021-28164Medium5.32021-04-01In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access prot…
CVE-2020-27223Medium5.22021-02-26In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a lar…
CVE-2021-34428Low2.92021-06-22For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID i…
CVE-2022-2047Low2.72022-07-07In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme UR…
CVE-2021-28163Low2.72021-04-01In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of th…