Netapp Max_data
7 CVEs affecting Netapp Max_data. Latest disclosed: 2020-07-30. Critical: 3, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-15801 | Critical | 9.8 | 2020-07-17 | In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name… |
CVE-2020-14968 | Critical | 9.8 | 2020-06-22 | An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS (RSA-PSS) implementation does not detect signature manipulation/modi… |
CVE-2020-14967 | Critical | 9.8 | 2020-06-22 | An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. Its RSA PKCS1 v1.5 decryption implementation does not detect ciphertext modificatio… |
CVE-2020-7699 | High | 7.5 | 2020-07-30 | This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or… |
CVE-2020-14966 | High | 7.5 | 2020-06-22 | An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It allows a malleability in ECDSA signatures by not checking overflows in the leng… |
CVE-2020-11022 | Medium | 6.9 | 2020-04-29 | In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (… |
CVE-2020-11023 | Medium | 6.9 | 2020-04-29 | In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it… |