Vendor
Xfire
Products
2
CVEs
2
Across products
2
Status
Private
Products
2- 2 CVEs
- 0 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-5817 | Hig | 0.48 | 7.4 | 0.01 | Nov 4, 2012 | Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools Java library and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows… | ||
| CVE-2006-5391 | 0.03 | — | 0.03 | Oct 18, 2006 | Xfire 1.64 and earlier allows remote attackers to cause a denial of service (client application crash) via a long string to UDP port 25777. |
- risk 0.48cvss 7.4epss 0.01
Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools Java library and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows…
- CVE-2006-5391Oct 18, 2006risk 0.03cvss —epss 0.03
Xfire 1.64 and earlier allows remote attackers to cause a denial of service (client application crash) via a long string to UDP port 25777.