Ontap 9

This hub aggregates every CVE we track for Ontap 9, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 12 most recently published vulnerabilities affecting Ontap 9.

• CVE-2026-22050ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snaps...4.3Jan 12, 2026
• CVE-2024-53580iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function.7.5Dec 18, 2024
• CVE-2024-6119Possible denial of service in X.509 name checks7.5Sep 3, 2024
• CVE-2024-38475Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.KEV9.1Jul 1, 2024
• CVE-2024-26458Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.5.3Feb 26, 2024
• CVE-2024-26461Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.7.5Feb 26, 2024
• CVE-2024-21985Privilege Escalation Vulnerability in ONTAP 9 7.6Jan 26, 2024
• CVE-2024-21982 CVE-2024-21982 Information Disclosure Vulnerability in ONTAP 9 4.8Jan 11, 2024
• CVE-2023-27317Information Disclosure Vulnerability in ONTAP 9 4.3Dec 15, 2023
• CVE-2023-27314Denial of Service Vulnerability in ONTAP 97.5Oct 12, 2023
• CVE-2023-27535An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created c...5.9Mar 30, 2023
• CVE-2022-42915curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the ...8.1Oct 29, 2022