📦 StorageGRID

by NetApp

⚠️ Known Vulnerabilities

CVE-2025-25291

CRITICAL CVSS 9.8 Mar 12, 2025

CVE-2025-25291 is an authentication bypass vulnerability in ruby-saml that allows attackers to bypass SAML single sign-on authentication via signature wrapping attacks. The vulnerability stems from pa...

CVE-2022-23806

CRITICAL CVSS 9.1 Feb 11, 2022

This vulnerability in Go's elliptic curve cryptography library allows Curve.IsOnCurve to incorrectly return true for invalid field elements. This could enable cryptographic bypass attacks where invali...

CVE-2021-39275

CRITICAL CVSS 9.8 Sep 16, 2021

CVE-2021-39275 is a critical buffer overflow vulnerability in Apache HTTP Server's ap_escape_quotes() function that could allow remote code execution or denial of service. The vulnerability affects Ap...

CVE-2025-26515

HIGH CVSS 7.5 Sep 19, 2025

An unauthenticated attacker can exploit a Server-Side Request Forgery (SSRF) vulnerability in StorageGRID to change passwords for Grid Manager or Tenant Manager users when Single Sign-on is disabled. ...

CVE-2022-38734

HIGH CVSS 7.5 Mar 2, 2023

CVE-2022-38734 is a Denial of Service vulnerability in NetApp StorageGRID's Local Distribution Router service. Attackers can crash the LDR service by sending specially crafted requests, disrupting sto...

CVE-2022-0778

HIGH CVSS 7.5 Mar 15, 2022

CVE-2022-0778 is a denial-of-service vulnerability in OpenSSL's BN_mod_sqrt() function that can cause infinite loops when parsing specially crafted certificates or private keys containing invalid elli...

CVE-2022-23233

HIGH CVSS 7.5 Mar 4, 2022

This vulnerability in NetApp StorageGRID allows attackers to cause a Denial of Service (DoS) by targeting the Local Distribution Router (LDR) service. Successful exploitation could disrupt grid operat...

CVE-2022-23772

HIGH CVSS 7.5 Feb 11, 2022

CVE-2022-23772 is an integer overflow vulnerability in Go's math/big.Rat.SetString function that allows attackers to trigger uncontrolled memory consumption (denial of service) by providing specially ...

CVE-2021-36160

HIGH CVSS 7.5 Sep 16, 2021

CVE-2021-36160 is an out-of-bounds read vulnerability in Apache HTTP Server's mod_proxy_uwsgi module. A specially crafted URI path can cause the server to read beyond allocated memory boundaries, lead...

CVE-2021-3450

HIGH CVSS 7.4 Mar 25, 2021

This OpenSSL vulnerability allows certificate chain validation to be bypassed when the X509_V_FLAG_X509_STRICT flag is explicitly set. It affects applications using OpenSSL 1.1.1h-1.1.1j that enable s...

CVE-2025-26514

MEDIUM CVSS 6.4 Sep 19, 2025

This is a reflected cross-site scripting (XSS) vulnerability in NetApp StorageGRID that allows attackers to execute malicious scripts in a privileged user's browser session. It affects StorageGRID ver...

CVE-2025-26517

MEDIUM CVSS 5.4 Sep 19, 2025

This CVE describes a privilege escalation vulnerability in NetApp StorageGRID where authenticated attackers can discover Grid node names and IP addresses or modify Storage Grades. The vulnerability af...

CVE-2024-21994

MEDIUM CVSS 4.3 Nov 8, 2024

This vulnerability allows authenticated attackers to cause a Denial of Service (DoS) by crashing StorageGRID services. It affects StorageGRID (formerly StorageGRID Webscale) installations running vers...

CVE-2024-21988

MEDIUM CVSS 5.3 Jun 14, 2024

This vulnerability in NetApp StorageGRID allows attackers to potentially intercept and decrypt SSH communications through man-in-the-middle attacks. It affects StorageGRID versions before 11.7.0.9 and...