Netapp Manageability Software Development Kit — known CVE vulnerabilities
Every CVE whose affected-product data names Netapp Manageability Software Development Kit, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2018-1285 — CVSS 9.8 (critical): Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for…
CVE-2021-3711 — CVSS 9.8 (critical): In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application…
CVE-2021-3518 — CVSS 8.8 (high): There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application…
CVE-2021-3517 — CVSS 8.6 (high): There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted…
CVE-2025-24928 — CVSS 7.8 (high): libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD…
CVE-2022-40304 — CVSS 7.8 (high): An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading…
CVE-2024-56171 — CVSS 7.8 (high): libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in…
CVE-2019-19956 — CVSS 7.5 (high): xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
CVE-2021-3712 — CVSS 7.4 (high): ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a…
CVE-2021-3541 — CVSS 6.5 (medium): A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to…
CVE-2022-29824 — CVSS 6.5 (medium): In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows…
CVE-2020-24977 — CVSS 6.5 (medium): GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has…
CVE-2021-3537 — CVSS 5.9 (medium): A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing…
CVE-2020-1971 — CVSS 5.9 (medium): The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName…