Filtered by vendor Netapp Subscriptions
Filtered by product Cloud Insights Telegraf Agent Subscriptions
Total 10 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-30634 3 Golang, Microsoft, Netapp 3 Go, Windows, Cloud Insights Telegraf Agent 2024-11-21 7.5 High
Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.
CVE-2022-23806 4 Debian, Golang, Netapp and 1 more 14 Debian Linux, Go, Beegfs Csi Driver and 11 more 2024-11-21 9.1 Critical
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
CVE-2022-23773 3 Golang, Netapp, Redhat 12 Go, Beegfs Csi Driver, Cloud Insights Telegraf Agent and 9 more 2024-11-21 7.5 High
cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.
CVE-2022-23772 4 Debian, Golang, Netapp and 1 more 13 Debian Linux, Go, Beegfs Csi Driver and 10 more 2024-11-21 7.5 High
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
CVE-2021-3115 5 Fedoraproject, Golang, Microsoft and 2 more 7 Fedora, Go, Windows and 4 more 2024-11-21 7.5 High
Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).
CVE-2021-3114 5 Debian, Fedoraproject, Golang and 2 more 13 Debian Linux, Fedora, Go and 10 more 2024-11-21 6.5 Medium
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
CVE-2021-33195 3 Golang, Netapp, Redhat 12 Go, Cloud Insights Telegraf Agent, Advanced Cluster Security and 9 more 2024-11-21 7.3 High
Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.
CVE-2020-28366 4 Fedoraproject, Golang, Netapp and 1 more 7 Fedora, Go, Cloud Insights Telegraf Agent and 4 more 2024-11-21 7.5 High
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file.
CVE-2020-28362 4 Fedoraproject, Golang, Netapp and 1 more 12 Fedora, Go, Cloud Insights Telegraf Agent and 9 more 2024-11-21 7.5 High
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
CVE-2019-16276 6 Debian, Fedoraproject, Golang and 3 more 11 Debian Linux, Fedora, Go and 8 more 2024-11-21 7.5 High
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.