U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:netapp:beegfs_csi_driver:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 4 matching records.
Displaying matches 1 through 4.
Vuln ID Summary CVSS Severity
CVE-2022-29526

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.

Published: June 23, 2022; 1:15:12 PM -0400
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2022-23806

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

Published: February 10, 2022; 8:15:07 PM -0500
V3.1: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2022-23773

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.

Published: February 10, 2022; 8:15:07 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.

Published: February 10, 2022; 8:15:07 PM -0500
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH