Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cf-release vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-4970
An issue exists in Cloud Foundry Foundation cf-release v255 and Staticfile buildpack versions v1.4.0 - v1.4.3. A regression introduced in the Static file build pack causes the Staticfile.auth configuration to be ignored when the Static file file is not present in the application ...
Cloudfoundry Cf-release 255
Cloudfoundry Staticfile Buildpack 1.4.1
Cloudfoundry Staticfile Buildpack 1.4.2
Cloudfoundry Staticfile Buildpack 1.4.3
Cloudfoundry Staticfile Buildpack 1.4.0
6.5
CVSSv2
CVE-2017-4991
An issue exists in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3.6.10, 3.9.x versions prior to v3.9.12, and other versions prior to v3.17.0; and UAA bosh release (uaa-release) 13.x versions prio...
Pivotal Software Cloud Foundry Uaa 2.7.4.15
Pivotal Software Cloud Foundry Uaa 3.6.6
Pivotal Software Cloud Foundry Uaa 3.6.4
Pivotal Software Cloud Foundry Uaa 3.9.8
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 2.7.4.13
Pivotal Software Cloud Foundry Uaa 2.2.5.4
Pivotal Software Cloud Foundry Uaa 2.7.4.4
Pivotal Software Cloud Foundry Uaa 3.6.9
Pivotal Software Cloud Foundry Uaa 2.7.4.5
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.3
Pivotal Software Cloud Foundry Uaa 2.7.4
Pivotal Software Cloud Foundry Uaa 2.7.4.1
Pivotal Software Cloud Foundry Uaa 2.7.4.2
Pivotal Software Cloud Foundry Uaa 2.7.4.3
Pivotal Software Cloud Foundry Uaa 2.7.4.7
Pivotal Software Cloud Foundry Uaa 2.7.4.8
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Pivotal Software Cloud Foundry Uaa 3.6.2
Pivotal Software Cloud Foundry Uaa 3.6.3
Pivotal Software Cloud Foundry Uaa 3.6.5
4.3
CVSSv2
CVE-2016-2165
The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions before 1.5.19 AND 1.6.x versions before 1.6.20 are not cleansing request URL paths when they are invalid and are returning them in the 404 response. This could allow malici...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Elastic Runtime 1.6.0
Pivotal Software Cloud Foundry Elastic Runtime 1.6.1
Pivotal Software Cloud Foundry Elastic Runtime 1.6.2
Pivotal Software Cloud Foundry Elastic Runtime 1.6.3
Pivotal Software Cloud Foundry Elastic Runtime 1.6.4
Pivotal Software Cloud Foundry Elastic Runtime 1.6.5
Pivotal Software Cloud Foundry Elastic Runtime 1.6.6
Pivotal Software Cloud Foundry Elastic Runtime 1.6.7
Pivotal Software Cloud Foundry Elastic Runtime 1.6.8
Pivotal Software Cloud Foundry Elastic Runtime 1.6.9
Pivotal Software Cloud Foundry Elastic Runtime 1.6.10
Pivotal Software Cloud Foundry Elastic Runtime 1.6.11
Pivotal Software Cloud Foundry Elastic Runtime 1.6.12
Pivotal Software Cloud Foundry Elastic Runtime 1.6.13
Pivotal Software Cloud Foundry Elastic Runtime 1.6.14
Pivotal Software Cloud Foundry Elastic Runtime 1.6.15
Pivotal Software Cloud Foundry Elastic Runtime 1.6.16
Pivotal Software Cloud Foundry Elastic Runtime 1.6.17
Pivotal Software Cloud Foundry Elastic Runtime 1.6.18
Pivotal Software Cloud Foundry Elastic Runtime 1.6.19
5
CVSSv2
CVE-2016-0780
It exists that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions before 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions before 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota v...
Cloudfoundry Cf-release 231
Pivotal Software Cloud Foundry Elastic Runtime 1.5.0
Pivotal Software Cloud Foundry Elastic Runtime 1.5.1
Pivotal Software Cloud Foundry Elastic Runtime 1.5.2
Pivotal Software Cloud Foundry Elastic Runtime 1.5.3
Pivotal Software Cloud Foundry Elastic Runtime 1.5.4
Pivotal Software Cloud Foundry Elastic Runtime 1.5.5
Pivotal Software Cloud Foundry Elastic Runtime 1.5.6
Pivotal Software Cloud Foundry Elastic Runtime 1.5.7
Pivotal Software Cloud Foundry Elastic Runtime 1.5.8
Pivotal Software Cloud Foundry Elastic Runtime 1.5.9
Pivotal Software Cloud Foundry Elastic Runtime 1.5.10
Pivotal Software Cloud Foundry Elastic Runtime 1.5.11
Pivotal Software Cloud Foundry Elastic Runtime 1.5.12
Pivotal Software Cloud Foundry Elastic Runtime 1.5.13
Pivotal Software Cloud Foundry Elastic Runtime 1.5.14
Pivotal Software Cloud Foundry Elastic Runtime 1.5.15
Pivotal Software Cloud Foundry Elastic Runtime 1.5.16
Pivotal Software Cloud Foundry Elastic Runtime 1.6.0
Pivotal Software Cloud Foundry Elastic Runtime 1.6.1
Pivotal Software Cloud Foundry Elastic Runtime 1.6.2
Pivotal Software Cloud Foundry Elastic Runtime 1.6.3
4
CVSSv2
CVE-2015-1834
A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions before 1.4.2. Path traversal is the 'outbreak' of a given directory structure ...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
4.3
CVSSv2
CVE-2015-3189
With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerabilit...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
5.8
CVSSv2
CVE-2015-3190
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an open redirect which allows an malicious user to insert malicious web page as a redi...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
6.8
CVSSv2
CVE-2015-3191
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable to a CSRF attack. This allows an malicious user to trigger an e-mail change for a...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
6.8
CVSSv2
CVE-2017-4969
The Cloud Controller in Cloud Foundry cf-release versions prior to v255 allows authenticated developer users to exceed memory and disk quotas for tasks.
Cloudfoundry Cf-release
5
CVSSv2
CVE-2016-9882
An issue exists in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-release versions prior to v1.12.0. Cloud Foundry logs the credentials returned from service brokers in Cloud Controller system component logs. These logs are written to disk and often sent to a...
Cloudfoundry Capi-release
Cloudfoundry Cf-release
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »