VYPR

Maven package

org.apache.brooklyn/brooklyn

pkg:maven/org.apache.brooklyn/brooklyn

Vulnerabilities (2)

  • CVE-2017-3165MedSep 13, 2017
    affected < 0.10.0fixed 0.10.0

    In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. This is due to improper escaping of server-side content. T

  • CVE-2016-8744HigSep 13, 2017
    affected < 0.10.0fixed 0.10.0

    Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. SnakeYAML allows the use of YAML tags to indicate that SnakeYAML should unmarshal data to a Java type. In the default configuration in Brooklyn before 0.10.0, SnakeYAML will allow unmarshalling to any Java type a