Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudfoundry cf-deployment vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv3
CVE-2020-5420
Cloud Foundry Routing (Gorouter) versions before 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially crafted HTTP responses that crash the Gorouters.
Cloudfoundry Gorouter
Cloudfoundry Cf-deployment
9.1
CVSSv3
CVE-2022-31733
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. If mTLS route integrity is enabled AND unproxied ports are t...
Cloudfoundry Diego
Cloudfoundry Cf-deployment
5.3
CVSSv3
CVE-2023-34041
Cloud foundry routing release versions before 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations.
Cloudfoundry Routing-release
Cloudfoundry Cf-deployment
7.5
CVSSv3
CVE-2024-22279
Improper handling of requests in Routing Release > v0.273.0 and <= v0.297.0 allows an unauthenticated malicious user to degrade the service availability of the Cloud Foundry deployment if performed at scale.
Cloudfoundry Routing Release
Cloudfoundry Cf-deployment
5.9
CVSSv3
CVE-2023-20882
In Cloud foundry routing release versions from 0.262.0 and before 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the curre...
Cloudfoundry Routing Release
Cloudfoundry Cf-deployment
6.5
CVSSv3
CVE-2021-22115
Cloud Controller API versions before 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller.
Cloudfoundry Capi-release
Cloudfoundry Cf-deployment
6.5
CVSSv3
CVE-2020-5416
Cloud Foundry Routing (Gorouter), versions before 0.204.0, when used in a deployment with NGINX reverse proxies in front of the Gorouters, is potentially vulnerable to denial-of-service attacks in which an unauthenticated malicious attacker can send specially-crafted HTTP request...
Cloudfoundry Cf-deployment
Cloudfoundry Routing-release
7.5
CVSSv3
CVE-2020-5423
CAPI (Cloud Controller) versions before 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.
Cloudfoundry Cf-deployment
Cloudfoundry Capi-release
7.5
CVSSv3
CVE-2021-22101
Cloud Controller versions before 1.118.0 are vulnerable to unauthenticated denial of Service(DoS) vulnerability allowing unauthenticated malicious users to cause denial of service by using REST HTTP requests with label_selectors on multiple V3 endpoints by generating an enormous ...
Cloudfoundry Capi-release
Cloudfoundry Cf-deployment
6.5
CVSSv3
CVE-2020-5400
Cloud Foundry Cloud Controller (CAPI), versions before 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job. A malicious user with access to those logs may gain unauthorized access to reso...
Cloudfoundry Cf-deployment
Cloudfoundry Capi-release
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »