GCVE - cpe:2.3:a:atlassian:floodlight:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:atlassian:floodlight:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Atlassian (`8acde0d4-2b83-5bd8-8d3f-60d59e0b022e`)
Product	Floodlight (`7559bbb9-c0a7-5dbb-b5f1-5987d2eee6bd`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/floodlight/floodlight`	purl2cpe	2026-06-01 10:12:16.771587
`pkg:sourceforge/floodlight`	purl2cpe	2026-06-01 10:12:16.771590

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-18685`	vulnerable	2026-06-03 14:41:54.579591	Details available Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs. Published: 2021-09-30T01:18:43.000Z Updated: 2024-08-04T14:08:29.076Z Open on db.gcve.eu Reference links https://drive.google.com/open?id=1oIt6jViGxLALUkLVELsQpC26MJYFZt2U	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-18684`	vulnerable	2026-06-03 14:41:54.579294	Details available Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number. Published: 2021-09-30T01:17:21.000Z Updated: 2024-08-04T14:08:29.093Z Open on db.gcve.eu Reference links https://drive.google.com/open?id=1310MS7djRfF0N2YmmzVTs8x5oJuHQVX5	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-18683`	vulnerable	2026-06-03 14:41:54.578916	Details available Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of undefined fields mishandling. Published: 2021-09-30T01:20:15.000Z Updated: 2024-08-04T14:00:49.261Z Open on db.gcve.eu Reference links https://drive.google.com/open?id=15I75JBmFYB9rLm9ZvcFtjHy0e2a-9lyO	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-6569`	vulnerable	2026-06-03 14:35:02.512716	Details available Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a state manipulation attack. Published: 2018-02-21T15:00:00.000Z Updated: 2024-08-06T07:22:22.423Z Open on db.gcve.eu Reference links https://floodlight.atlassian.net/wiki/spaces/floodlightcontroller/pages/24805419/Floodlight+v1.2 https://github.com/floodlight/floodlight/pull/563 http://www.securityfocus.com/bid/103132	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.