Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Apache Brooklyn Security Vulnerabilities

cve
cve

CVE-2016-8737

In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site request forgery (CSRF), which could permit a malicious web site to produce a link which, if clicked whilst a user is logged in to Brooklyn, would cause the server to execute the attacker's commands as the user. There is.....

8.8CVSS

8.8AI Score

0.001EPSS

2017-09-13 04:29 PM
21
cve
cve

CVE-2017-3165

In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. This is due to improper escaping of server-side content. There is known to...

5.4CVSS

5.4AI Score

0.001EPSS

2017-09-13 04:29 PM
40
cve
cve

CVE-2016-8744

Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. SnakeYAML allows the use of YAML tags to indicate that SnakeYAML should unmarshal data to a Java type. In the default configuration in Brooklyn before 0.10.0, SnakeYAML will allow unmarshalling to any Java type available on the...

8.8CVSS

8.7AI Score

0.001EPSS

2017-09-13 04:29 PM
48