This page lists publicly disclosed CVE vulnerabilities affecting netapp cloud_insights_telegraf_agent (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-30634 | Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. | [email protected] | 7.5 | 1.64% | 2022-07-15 | 2026-06-17 |
| CVE-2022-23806 | Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. | [email protected] | 9.1 | 3.02% | 2022-02-11 | 2026-06-17 |
| CVE-2022-23773 | cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. | [email protected] | 7.5 | 2.68% | 2022-02-11 | 2026-06-17 |
| CVE-2022-23772 | Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. | [email protected] | 7.5 | 2.83% | 2022-02-11 | 2026-06-17 |
| CVE-2021-33195 | Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format. | [email protected] | 7.3 | 3.20% | 2021-08-02 | 2026-06-17 |
| CVE-2021-3115 | Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). | [email protected] | 7.5 | 6.44% | 2021-01-26 | 2026-06-17 |
| CVE-2021-3114 | In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field. | [email protected] | 6.5 | 2.67% | 2021-01-26 | 2026-06-17 |
| CVE-2020-28366 | Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file. | [email protected] | 7.5 | 2.24% | 2020-11-18 | 2026-06-17 |
| CVE-2020-28362 | Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. | [email protected] | 7.5 | 3.81% | 2020-11-18 | 2026-06-17 |
| CVE-2019-16276 | Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. | [email protected] | 7.5 | 5.16% | 2019-09-30 | 2026-06-17 |