| Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-7525 | 7.5 |
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the Obj
|
08-06-2023 - 17:57 | 06-02-2018 - 15:29 | |
| CVE-2015-3254 | 4.0 |
The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function.
|
13-02-2023 - 00:48 | 16-06-2017 - 22:29 | |
| CVE-2017-5637 | 5.0 |
Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3
|
20-07-2021 - 23:15 | 10-10-2017 - 01:30 |