snap_creator_framework vulnerabilities and exploits

7.5
HIGH
CVE-2018-18314

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations....

6.4
MEDIUM
CVE-2018-18313

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory....

7.5
HIGH
CVE-2018-18312

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations....

4.3
MEDIUM
CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the...

6.5
MEDIUM
CVE-2018-12538

In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the...

6.8
MEDIUM
CVE-2016-5372

Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors....

5
MEDIUM
CVE-2016-7172

NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user....