Netapp Santricity_cloud_connector
27 CVEs affecting Netapp Santricity_cloud_connector. Latest disclosed: 2021-06-22. Critical: 2, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-7658 | Critical | 9.8 | 2018-06-26 | In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two co… |
CVE-2017-7657 | Critical | 9.8 | 2018-06-26 | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encodin… |
CVE-2018-12538 | High | 8.8 | 2018-06-22 | In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is… |
CVE-2018-2826 | High | 8.3 | 2018-04-19 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit… |
CVE-2018-2825 | High | 8.3 | 2018-04-19 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit… |
CVE-2018-2638 | High | 8.3 | 2018-01-18 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficu… |
CVE-2017-15715 | High | 8.1 | 2018-03-26 | In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching… |
CVE-2021-28165 | High | 7.5 | 2021-04-01 | In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. |
CVE-2018-17199 | High | 7.5 | 2019-01-30 | In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to… |
CVE-2018-1303 | High | 7.5 | 2018-03-26 | A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to b… |
CVE-2017-15710 | High | 7.5 | 2018-03-26 | In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language hea… |
CVE-2018-2627 | High | 7.5 | 2018-01-18 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficul… |
CVE-2018-1302 | Medium | 5.9 | 2018-03-26 | When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an alr… |
CVE-2018-1301 | Medium | 5.9 | 2018-03-26 | A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by r… |
CVE-2021-28164 | Medium | 5.3 | 2021-04-01 | In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access prot… |
CVE-2020-14803 | Medium | 5.3 | 2020-10-21 | Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploita… |
CVE-2018-17189 | Medium | 5.3 | 2019-01-30 | In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily… |
CVE-2018-1283 | Medium | 5.3 | 2018-03-26 | In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user… |
CVE-2018-2581 | Medium | 4.7 | 2018-01-18 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easi… |
CVE-2020-14792 | Medium | 4.2 | 2020-10-21 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u271, 8u261… |