Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cf-deployment vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-1277
Cloud Foundry Garden-runC, versions before 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated user may push an app with a malicious Docker image that will consume more space on a Diego cell than allocated in their quota, potentially cau...
Cloudfoundry Garden-runc
Cloudfoundry Cf-deployment
6.5
CVSSv3
CVE-2020-5416
Cloud Foundry Routing (Gorouter), versions before 0.204.0, when used in a deployment with NGINX reverse proxies in front of the Gorouters, is potentially vulnerable to denial-of-service attacks in which an unauthenticated malicious attacker can send specially-crafted HTTP request...
Cloudfoundry Cf-deployment
Cloudfoundry Routing-release
8.8
CVSSv3
CVE-2020-5417
Cloud Foundry CAPI (Cloud Controller), versions before 1.97.0, when used in a deployment where an app domain is also the system domain (which is true in the default CF Deployment manifest), were vulnerable to developers maliciously or accidentally claiming certain sensitive route...
Cloudfoundry Cf-deployment
Cloudfoundry Capi-release
4.3
CVSSv3
CVE-2020-5418
Cloud Foundry CAPI (Cloud Controller) versions before 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces (whereas they should see none).
Cloudfoundry Capi-release
Cloudfoundry Cf-deployment
5.3
CVSSv3
CVE-2023-34041
Cloud foundry routing release versions before 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations.
Cloudfoundry Routing-release
Cloudfoundry Cf-deployment
5.9
CVSSv3
CVE-2023-20882
In Cloud foundry routing release versions from 0.262.0 and before 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the curre...
Cloudfoundry Routing Release
Cloudfoundry Cf-deployment
8.1
CVSSv3
CVE-2019-11277
Cloud Foundry NFS Volume Service, 1.7.x versions before 1.7.11 and 2.x versions before 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space deve...
Cloudfoundry Cf-deployment
Cloudfoundry Nfs Volume Release
4.3
CVSSv3
CVE-2019-11294
Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all global service brokers, including service broker URLs and GUIDs, which should only be accessible to admins.
Cloudfoundry Cf-deployment
Cloudfoundry Capi-release 1.88.0
8.8
CVSSv3
CVE-2018-1191
Cloud Foundry Garden-runC, versions before 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticated actions using those credentials.
Cloudfoundry Cf-deployment
Cloudfoundry Garden-runc-release
7.2
CVSSv3
CVE-2018-1265
Cloud Foundry Diego, release versions before 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps runnin...
Pivotal Software Cloud Foundry Diego
Cloudfoundry Cf-deployment
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »