Atlassian Floodlight vulnerabilities
4 known vulnerabilities affecting atlassian/floodlight.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-18684CRITICALCVSS 9.8≤ 1.22021-09-30
CVE-2020-18684 [CRITICAL] CWE-190 CVE-2020-18684: Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java vi
Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number.
nvd
CVE-2020-18683CRITICALCVSS 9.8≤ 1.22021-09-30
CVE-2020-18683 [CRITICAL] CWE-20 CVE-2020-18683: Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of undefined fields mishandling.
nvd
CVE-2020-18685CRITICALCVSS 9.8≤ 1.22021-09-30
CVE-2020-18685 [CRITICAL] CWE-20 CVE-2020-18685: Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs.
nvd
CVE-2015-6569MEDIUMCVSS 5.9fixed in 1.22018-02-21
CVE-2015-6569 [MEDIUM] CWE-362 CVE-2015-6569: Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows r
Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a state manipulation attack.
nvd