Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudfoundry cf-release vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-3189
With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerabilit...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
383
VMScore
CVE-2016-2165
The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions before 1.5.19 AND 1.6.x versions before 1.6.20 are not cleansing request URL paths when they are invalid and are returning them in the 404 response. This could allow malici...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Elastic Runtime 1.6.0
Pivotal Software Cloud Foundry Elastic Runtime 1.6.1
Pivotal Software Cloud Foundry Elastic Runtime 1.6.2
Pivotal Software Cloud Foundry Elastic Runtime 1.6.3
Pivotal Software Cloud Foundry Elastic Runtime 1.6.4
Pivotal Software Cloud Foundry Elastic Runtime 1.6.5
Pivotal Software Cloud Foundry Elastic Runtime 1.6.6
Pivotal Software Cloud Foundry Elastic Runtime 1.6.7
Pivotal Software Cloud Foundry Elastic Runtime 1.6.8
Pivotal Software Cloud Foundry Elastic Runtime 1.6.9
Pivotal Software Cloud Foundry Elastic Runtime 1.6.10
Pivotal Software Cloud Foundry Elastic Runtime 1.6.11
Pivotal Software Cloud Foundry Elastic Runtime 1.6.12
Pivotal Software Cloud Foundry Elastic Runtime 1.6.13
Pivotal Software Cloud Foundry Elastic Runtime 1.6.14
Pivotal Software Cloud Foundry Elastic Runtime 1.6.15
Pivotal Software Cloud Foundry Elastic Runtime 1.6.16
Pivotal Software Cloud Foundry Elastic Runtime 1.6.17
Pivotal Software Cloud Foundry Elastic Runtime 1.6.18
Pivotal Software Cloud Foundry Elastic Runtime 1.6.19
356
VMScore
CVE-2016-6658
Applications in cf-release prior to 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. Although it is not recommended, a user can specify a credential in the URL (basic auth or OAuth) to access the buildpack through the C...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
356
VMScore
CVE-2017-14389
An issue exists in Cloud Foundry Foundation capi-release (all versions before 1.45.0), cf-release (all versions prior to v280), and cf-deployment (all versions prior to v1.0.0). The Cloud Controller does not prevent space developers from creating subdomains to an already existing...
Cloudfoundry Capi-release
Cloudfoundry Cf-deployment
Cloudfoundry Cf-release
356
VMScore
CVE-2016-8219
An issue exists in Cloud Foundry Foundation cf-release versions before 250 and CAPI-release versions before 1.12.0. A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause application downtime if the restage fails.
Cloudfoundry Capi-release
Cloudfoundry Cf-release
356
VMScore
CVE-2017-4974
An issue exists in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior...
Pivotal Software Cloud Foundry Uaa 3.6.6
Pivotal Software Cloud Foundry Uaa 3.6.4
Pivotal Software Cloud Foundry Uaa 3.9.8
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 2.7.4.13
Pivotal Software Cloud Foundry Uaa 2.2.5.4
Pivotal Software Cloud Foundry Uaa 2.7.4.4
Pivotal Software Cloud Foundry Uaa 2.7.4.5
Pivotal Software Cloud Foundry Uaa 3.9.10
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.3
Pivotal Software Cloud Foundry Uaa 2.7.4
Pivotal Software Cloud Foundry Uaa 2.7.4.1
Pivotal Software Cloud Foundry Uaa 2.7.4.2
Pivotal Software Cloud Foundry Uaa 2.7.4.3
Pivotal Software Cloud Foundry Uaa 2.7.4.7
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Pivotal Software Cloud Foundry Uaa 3.6.2
Pivotal Software Cloud Foundry Uaa 3.6.5
Pivotal Software Cloud Foundry Uaa 3.6.7
Pivotal Software Cloud Foundry Uaa 3.6.8
Pivotal Software Cloud Foundry Uaa 3.9.2
356
VMScore
CVE-2015-1834
A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions before 1.4.2. Path traversal is the 'outbreak' of a given directory structure ...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
312
VMScore
CVE-2017-8031
An issue exists in Cloud Foundry Foundation cf-release (all versions prior to v279) and UAA (30.x versions before 30.6, 45.x versions before 45.4, 52.x versions before 52.1). In some cases, the UAA allows an authenticated user for a particular client to revoke client tokens for o...
Cloudfoundry Cf-release
Cloudfoundry Uaa-release
Cloudfoundry Uaa-release 52
231
VMScore
CVE-2016-0713
Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle malicious users to conduct cross-site scripting (XSS) attacks via vectors related to modified requests.
Cloudfoundry Cf-release 196
Cloudfoundry Cf-release 221
Cloudfoundry Cf-release 159
Cloudfoundry Cf-release 162
Cloudfoundry Cf-release 174
Cloudfoundry Cf-release 141
Cloudfoundry Cf-release 152
Cloudfoundry Cf-release 200
Cloudfoundry Cf-release 184
Cloudfoundry Cf-release 222
Cloudfoundry Cf-release 215
Cloudfoundry Cf-release 185
Cloudfoundry Cf-release 218
Cloudfoundry Cf-release 217
Cloudfoundry Cf-release 165
Cloudfoundry Cf-release 173
Cloudfoundry Cf-release 195
Cloudfoundry Cf-release 158
Cloudfoundry Cf-release 212
Cloudfoundry Cf-release 205
Cloudfoundry Cf-release 190
Cloudfoundry Cf-release 148
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4