Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudfoundry credhub vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-3801
Cloud Foundry cf-deployment, versions before 7.9.0, contain java components that are using an insecure protocol to fetch dependencies when building. A remote unauthenticated malicious attacker could hijack the DNS entry for the dependency, and inject malicious code into the compo...
Cloudfoundry Credhub
Cloudfoundry Cf-deployment
Cloudfoundry Uaa Release
2.1
CVSSv2
CVE-2019-3782
Cloud Foundry CredHub CLI, versions before 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file. A local authenticated malicious user with access to the CredHub CLI config file can use these credentials to retriev...
Cloudfoundry Credhub Cli
5.8
CVSSv2
CVE-2020-5399
Cloud Foundry CredHub, versions before 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL database may eavesdrop on database connections and thereby gain unauthorized access t...
Cloudfoundry Credhub
Pivotal Software Cloud Foundry Cf-deployment
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started