Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Atlassian Subscribe
Filtered by product Floodlight
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-18684 1 Atlassian 1 Floodlight 2021-10-07 7.5 HIGH 9.8 CRITICAL
Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number.
CVE-2020-18683 1 Atlassian 1 Floodlight 2021-10-02 7.5 HIGH 9.8 CRITICAL
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of undefined fields mishandling.
CVE-2020-18685 1 Atlassian 1 Floodlight 2021-10-02 7.5 HIGH 9.8 CRITICAL
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs.
CVE-2015-6569 1 Atlassian 1 Floodlight 2018-03-19 4.3 MEDIUM 5.9 MEDIUM
Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a state manipulation attack.