Every CVE whose affected-product data names Apache Brooklyn, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2016-8737 — CVSS 8.8 (high): In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site request forgery (CSRF), which could permit a malicious web…
CVE-2016-8744 — CVSS 8.8 (high): Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. SnakeYAML allows the use of YAML tags to indicate that SnakeYAML should…
CVE-2017-3165 — CVSS 5.4 (medium): In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to…