CAPI (Cloud Controller) versions before 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cloudfoundry capi-release |
||
cloudfoundry cf-deployment |