Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
routing-release vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2018-1221
In cf-deployment prior to 1.14.0 and routing-release prior to 0.172.0, the Cloud Foundry Gorouter mishandles WebSocket requests for AWS Application Load Balancers (ALBs) and some other HTTP-aware Load Balancers. A user with developer privileges could use this vulnerability to ste...
Cloudfoundry Cf-deployment
Cloudfoundry Routing-release
5.8
CVSSv2
CVE-2017-8047
In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. An attacker could exploit this as a phishi...
Cloudfoundry Cf-release
Pivotal Routing-release
6
CVSSv2
CVE-2017-8034
The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v0.159.0, CF-release versions prior to v267) do not validate the issuer on JSON Web Tokens (JWTs) from UAA. With certain multi-zone UAA configurations,...
Cloudfoundry Capi-release
Cloudfoundry Cf-release
Cloudfoundry Routing-release
7.5
CVSSv2
CVE-2016-8218
An issue exists in Cloud Foundry Foundation routing-release versions before 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged malicious users to impersonate other users to the routing API, aka an "...
Cloudfoundry Cf-release 204
Cloudfoundry Cf-release 206
Cloudfoundry Cf-release 211
Cloudfoundry Cf-release 207
Cloudfoundry Cf-release 208
Cloudfoundry Cf-release 209
Cloudfoundry Cf-release 210
Cloudfoundry Cf-release 225
Cloudfoundry Cf-release 226
Cloudfoundry Cf-release 227
Cloudfoundry Cf-release 228
Cloudfoundry Cf-release 213
Cloudfoundry Cf-release 215
Cloudfoundry Cf-release 221
Cloudfoundry Cf-release 223
Cloudfoundry Cf-release 230
Cloudfoundry Routing-release
Cloudfoundry Cf-release 217
Cloudfoundry Cf-release 218
Cloudfoundry Cf-release 219
Cloudfoundry Cf-release 220
Cloudfoundry Cf-release
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2