Netapp Trident
11 CVEs affecting Netapp Trident. Latest disclosed: 2021-10-29. Critical: 4, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-29511 | Critical | 9.8 | 2020-12-14 | The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which al… |
CVE-2020-29510 | Critical | 9.8 | 2020-12-14 | The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows… |
CVE-2020-29509 | Critical | 9.8 | 2020-12-14 | The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which… |
CVE-2018-1002105 | Critical | 9.8 | 2018-12-05 | In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver all… |
CVE-2019-11243 | High | 8.1 | 2019-04-22 | In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer toke… |
CVE-2021-25742 | High | 7.6 | 2021-10-29 | A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secre… |
CVE-2020-28366 | High | 7.5 | 2020-11-18 | Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in… |
CVE-2020-28362 | High | 7.5 | 2020-11-18 | Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. |
CVE-2019-9514 | High | 7.5 | 2019-08-13 | Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an in… |
CVE-2021-34558 | Medium | 6.5 | 2021-07-15 | The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a… |
CVE-2019-11244 | Medium | 5.0 | 2019-04-22 | In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with wo… |