Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloudfoundry cf-release vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2015-5172
Cloud Foundry Runtime cf-release prior to 216, UAA prior to 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.7.0 allow malicious users to have unspecified impact by leveraging failure to expire password reset links.
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
7.5
CVSSv2
CVE-2015-5171
The password change functionality in Cloud Foundry Runtime cf-release prior to 216, UAA prior to 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.7.0 allow malicious users to have unspecified impact by leveraging failure to expire existing sessions.
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
7.5
CVSSv2
CVE-2017-4992
An issue exists in Cloud Foundry Foundation cf-release versions prior to v261; UAA release 2.x versions prior to v2.7.4.17, 3.6.x versions prior to v3.6.11, 3.9.x versions prior to v3.9.13, and other versions prior to v4.2.0; and UAA bosh release (uaa-release) 13.x versions prior...
Pivotal Software Cloud Foundry Uaa 3.6.10
Pivotal Software Cloud Foundry Uaa 2.7.4.15
Pivotal Software Cloud Foundry Uaa 3.6.6
Pivotal Software Cloud Foundry Uaa 3.6.4
Pivotal Software Cloud Foundry Uaa 3.9.8
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 2.7.4.13
Pivotal Software Cloud Foundry Uaa 2.2.5.4
Pivotal Software Cloud Foundry Uaa 2.7.4.4
Pivotal Software Cloud Foundry Uaa 3.6.9
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.3
Pivotal Software Cloud Foundry Uaa 2.7.4.2
Pivotal Software Cloud Foundry Uaa 2.7.4.3
Pivotal Software Cloud Foundry Uaa 2.7.4.5
Pivotal Software Cloud Foundry Uaa 2.7.4.7
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Pivotal Software Cloud Foundry Uaa 2.7.4.16
Pivotal Software Cloud Foundry Uaa 3.6.2
Pivotal Software Cloud Foundry Uaa 3.6.5
Pivotal Software Cloud Foundry Uaa 3.6.7
Pivotal Software Cloud Foundry Uaa 3.6.8
7.5
CVSSv2
CVE-2016-6655
An issue exists in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability exists in a common script used by many Cloud Foundry components. A malicious user may exploit numerous vectors to...
Cloudfoundry Cf-release
Cloudfoundry Cf-mysql-release
7.5
CVSSv2
CVE-2016-8218
An issue exists in Cloud Foundry Foundation routing-release versions before 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged malicious users to impersonate other users to the routing API, aka an "...
Cloudfoundry Cf-release 204
Cloudfoundry Cf-release 206
Cloudfoundry Cf-release 211
Cloudfoundry Cf-release 207
Cloudfoundry Cf-release 208
Cloudfoundry Cf-release 209
Cloudfoundry Cf-release 210
Cloudfoundry Cf-release 225
Cloudfoundry Cf-release 226
Cloudfoundry Cf-release 227
Cloudfoundry Cf-release 228
Cloudfoundry Cf-release 213
Cloudfoundry Cf-release 215
Cloudfoundry Cf-release 221
Cloudfoundry Cf-release 223
Cloudfoundry Cf-release 230
Cloudfoundry Routing-release
Cloudfoundry Cf-release 217
Cloudfoundry Cf-release 218
Cloudfoundry Cf-release 219
Cloudfoundry Cf-release 220
Cloudfoundry Cf-release
6.8
CVSSv2
CVE-2015-5170
Cloud Foundry Runtime cf-release prior to 216, UAA prior to 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.7.0 allow remote malicious users to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by leveraging lack o...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
6.8
CVSSv2
CVE-2015-5173
Cloud Foundry Runtime cf-release prior to 216, UAA prior to 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.7.0 allow malicious users to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage.&qu...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
6.8
CVSSv2
CVE-2017-8048
In Cloud Foundry capi-release versions 1.33.0 and later, before 1.42.0 and cf-release versions 268 and later, before 274, the original fix for CVE-2017-8033 introduces an API regression that allows a space developer to execute arbitrary code on the Cloud Controller VM by pushing ...
Pivotal Capi-release 1.34.0
Pivotal Capi-release 1.33.0
Cloudfoundry Cf-release 269
Cloudfoundry Cf-release 268
Pivotal Capi-release 1.41.0
Pivotal Capi-release 1.40.0
Pivotal Capi-release 1.39.0
Cloudfoundry Cf-release 272
Cloudfoundry Cf-release 270
Pivotal Capi-release 1.37.0
Pivotal Capi-release 1.35.0
Cloudfoundry Cf-release 273
Cloudfoundry Cf-release 271
Pivotal Capi-release 1.38.0
Pivotal Capi-release 1.36.0
6.8
CVSSv2
CVE-2017-8033
An issue exists in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions prior to v1.35.0 and cf-release versions prior to v268. A filesystem traversal vulnerability exists in the Cloud Controller that allows a space developer to escalate privileges by pushin...
Cloudfoundry Capi-release
Cloudfoundry Cf-release
6.8
CVSSv2
CVE-2015-3191
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable to a CSRF attack. This allows an malicious user to trigger an e-mail change for a...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »