Vulnerabilities > Apache > Brooklyn > High

DATE CVE VULNERABILITY TITLE RISK
2017-09-13 CVE-2016-8744 Deserialization of Untrusted Data vulnerability in Apache Brooklyn
Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs.
network
low complexity
apache CWE-502
8.8
2017-09-13 CVE-2016-8737 Cross-Site Request Forgery (CSRF) vulnerability in Apache Brooklyn
In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site request forgery (CSRF), which could permit a malicious web site to produce a link which, if clicked whilst a user is logged in to Brooklyn, would cause the server to execute the attacker's commands as the user.
network
low complexity
apache CWE-352
8.8