Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Oncommand_workflow_automation
(Netapp)| Repositories |
• https://github.com/bcgit/bc-java
• https://github.com/madler/zlib • https://github.com/FasterXML/jackson-databind • https://github.com/dom4j/dom4j |
| #Vulnerabilities | 699 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-02-23 | CVE-2021-20220 | A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity. | Active_iq_unified_manager, Oncommand_workflow_automation, Undertow | 4.8 | ||
| 2022-01-19 | CVE-2022-21322 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in... | Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql | 6.3 | ||
| 2022-01-19 | CVE-2022-21321 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker.... | Oncommand_insight, Oncommand_workflow_automation, Mysql | 2.9 | ||
| 2022-01-19 | CVE-2022-21323 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks... | Oncommand_insight, Oncommand_workflow_automation, Mysql | 2.9 | ||
| 2022-01-19 | CVE-2022-21379 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability... | Oncommand_insight, Oncommand_workflow_automation, Mysql_server | 4.9 | ||
| 2022-01-19 | CVE-2022-21278 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to... | Oncommand_insight, Oncommand_workflow_automation, Mysql | 7.1 | ||
| 2022-01-19 | CVE-2022-21279 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker.... | Oncommand_insight, Oncommand_workflow_automation, Mysql | 6.3 | ||
| 2022-01-19 | CVE-2022-21280 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker.... | Oncommand_insight, Oncommand_workflow_automation, Mysql | 6.3 | ||
| 2022-01-19 | CVE-2022-21311 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker.... | Oncommand_insight, Oncommand_workflow_automation, Mysql | 2.9 | ||
| 2022-01-19 | CVE-2022-21307 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker.... | Oncommand_insight, Oncommand_workflow_automation, Mysql | 6.3 |