This page lists publicly disclosed CVE vulnerabilities affecting netapp astra_trident (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-39325 | A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurren | [email protected] | 7.5 | 3.80% | 2023-10-11 | 2024-11-21 |
| CVE-2022-28948 | An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. | [email protected] | 7.5 | 3.50% | 2022-05-19 | 2024-11-21 |
| CVE-2022-24921 | regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. | [email protected] | 7.5 | 3.23% | 2022-03-05 | 2024-11-21 |