Coldfusion Security Vulnerabilities and Issues — Coldfusion CVE List

Lucene search

AdobeColdfusion

4 matches found

CVE•added 2017/12/01 8:29 a.m.•84 views

CVE-2017-11283

Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.

9.8CVSS9.3AI score0.23859EPSS

CVE•added 2017/12/01 8:29 a.m.•79 views

CVE-2017-11284

Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.

9.8CVSS9.4AI score0.23859EPSS

CVE•added 2017/12/01 8:29 a.m.•57 views

CVE-2017-11285

Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.

6.1CVSS7.2AI score0.01032EPSS

CVE•added 2017/12/01 8:29 a.m.•52 views

CVE-2017-11286

Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.

7.5CVSS8.8AI score0.01292EPSS