Vulnerabilities > Atlassian > Floodlight > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-09-30 CVE-2020-18685 Improper Input Validation vulnerability in Atlassian Floodlight
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs.
network
low complexity
atlassian CWE-20
critical
 9.8
9.8
2021-09-30 CVE-2020-18684 Integer Overflow or Wraparound vulnerability in Atlassian Floodlight
Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number.
network
low complexity
atlassian CWE-190
critical
 9.8
9.8
2021-09-30 CVE-2020-18683 Improper Input Validation vulnerability in Atlassian Floodlight
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of undefined fields mishandling.
network
low complexity
atlassian CWE-20
critical
 9.8
9.8