org.apache.brooklyn:brooklyn
Maven2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.apache.brooklyn:brooklynpage 1 of 1
- CVE-2016-8744HIGHCVSS 8.8EG 8.8✓ Fixed in 0.10.02017-09-13
vulnerable: 0.7.0-incubating, 0.8.0-incubating, 0.9.0
Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. SnakeYAML allows the use of YAML tags to indicate that SnakeYAML should unmarshal data to a Java type. In the default configuration in Brooklyn before 0.10.0, SnakeYAML wi…
- CVE-2017-3165MEDIUMCVSS 5.4EG 5.4✓ Fixed in 0.10.02017-09-13
vulnerable: 0.7.0-incubating, 0.8.0-incubating, 0.9.0
In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. This is due to im…
Check whether org.apache.brooklyn:brooklyn is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.apache.brooklyn:brooklyn CVEs against the assets you own.
Start Free Scan →