Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudfoundry cf-deployment vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-11282
Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint that is vulnerable to SCIM injection attack. A remote authenticated malicious user with scim.invite scope can craft a request with malicious content which can leak information about users of the UAA.
Cloudfoundry Cf-deployment
Pivotal Software Cloud Foundry Uaa
7.4
CVSSv3
CVE-2020-5399
Cloud Foundry CredHub, versions before 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL database may eavesdrop on database connections and thereby gain unauthorized access t...
Pivotal Software Cloud Foundry Cf-deployment
Cloudfoundry Credhub
8.8
CVSSv3
CVE-2019-11283
Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to the logs. A remote user with access to the SMB Volume logs can discover the username and password for volumes that have been recently created, allowing the user to take control of th...
Cloudfoundry Cf-deployment
Pivotal Software Cloud Foundry Smb Volume
5.9
CVSSv3
CVE-2020-15586
Go prior to 1.13.13 and 1.14.x prior to 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.
Golang Go
Cloudfoundry Cf-deployment
Cloudfoundry Routing-release
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.2
CVSSv3
CVE-2018-1262
Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, g...
Pivotal Software Cloud Foundry Uaa 4.13.0
Pivotal Software Cloud Foundry Uaa 4.13.1
Pivotal Software Cloud Foundry Uaa 4.13.2
Pivotal Software Cloud Foundry Uaa 4.13.3
Pivotal Software Cloud Foundry Uaa 4.13.4
Pivotal Software Cloud Foundry Uaa 4.12.0
Pivotal Software Cloud Foundry Uaa 4.12.1
Pivotal Software Cloud Foundry Uaa 4.12.2
Pivotal Software Cloud Foundry Uaa-release 57.1
Pivotal Software Cloud Foundry Uaa-release 58
Pivotal Software Cloud Foundry Uaa-release 57
Cloudfoundry Cf-deployment
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4