Netapp Manageability_software_development_kit
15 CVEs affecting Netapp Manageability_software_development_kit. Latest disclosed: 2025-02-18. Critical: 2, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-3711 | Critical | 9.8 | 2021-08-24 | In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function… |
CVE-2018-1285 | Critical | 9.8 | 2020-05-11 | Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in appli… |
CVE-2021-3518 | High | 8.8 | 2021-05-18 | There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 cou… |
CVE-2021-3517 | High | 8.6 | 2021-05-19 | There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed… |
CVE-2025-24928 | High | 7.8 | 2025-02-18 | libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur… |
CVE-2024-56171 | High | 7.8 | 2025-02-18 | libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit… |
CVE-2022-40304 | High | 7.8 | 2022-11-23 | An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic… |
CVE-2022-23308 | High | 7.5 | 2022-02-26 | valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. |
CVE-2019-19956 | High | 7.5 | 2019-12-24 | xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. |
CVE-2021-3712 | High | 7.4 | 2021-08-24 | ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buf… |
CVE-2022-29824 | Medium | 6.5 | 2022-05-03 | In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in ou… |
CVE-2021-3541 | Medium | 6.5 | 2021-07-09 | A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. |
CVE-2020-24977 | Medium | 6.5 | 2020-09-04 | GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commi… |
CVE-2021-3537 | Medium | 5.9 | 2021-05-14 | A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference… |
CVE-2020-1971 | Medium | 5.9 | 2020-12-08 | The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a fu… |