Filtered by vendor Cloudfoundry
Subscribe
Total
107 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-11278 | 1 Cloudfoundry | 1 User Account And Authentication | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with 'client.write' and 'groups.update' can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have. | |||||
| CVE-2019-11277 | 1 Cloudfoundry | 2 Cf-deployment, Nfs Volume Release | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny service or perform a dictionary attack. | |||||
| CVE-2019-11274 | 1 Cloudfoundry | 1 User Account And Authentication | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute. | |||||
| CVE-2018-25046 | 1 Cloudfoundry | 1 Archiver | 2024-11-21 | N/A | 9.1 CRITICAL |
| Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | |||||
| CVE-2018-1277 | 1 Cloudfoundry | 2 Cf-deployment, Garden-runc | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated user may push an app with a malicious Docker image that will consume more space on a Diego cell than allocated in their quota, potentially causing a DoS against the cell. | |||||
| CVE-2018-1269 | 1 Cloudfoundry | 1 Loggregator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not handle errors thrown while constructing certain http requests. A remote authenticated user may construct malicious requests to cause the traffic controller to leave dangling TCP connections, which could cause denial of service. | |||||
| CVE-2018-1268 | 1 Cloudfoundry | 1 Loggregator | 2024-11-21 | 4.9 MEDIUM | 6.8 MEDIUM |
| Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not validate app GUID structure in requests. A remote authenticated malicious user knowing the GUID of an app may construct malicious requests to read from or write to the logs of that app. | |||||
| CVE-2018-1267 | 1 Cloudfoundry | 1 Silk-release | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with the Silk overlay network, any applications can reach any other application on the network regardless of the configured routing policies. | |||||
| CVE-2018-1266 | 1 Cloudfoundry | 1 Capi-release | 2024-11-21 | 6.5 MEDIUM | 8.1 HIGH |
| Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities. An authenticated malicious user can predict the location of application blobs and leverage path traversal to create a malicious application that has the ability to overwrite arbitrary files on the Cloud Controller instance. | |||||
| CVE-2018-1265 | 2 Cloudfoundry, Pivotal Software | 2 Cf-deployment, Cloud Foundry Diego | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego Cell. | |||||
| CVE-2018-1262 | 2 Cloudfoundry, Pivotal Software | 3 Cf-deployment, Cloud Foundry Uaa, Cloud Foundry Uaa-release | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to admin privileges in the impersonated zone for clients performing offline token validation. | |||||
| CVE-2018-1221 | 1 Cloudfoundry | 2 Cf-deployment, Routing-release | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| In cf-deployment before 1.14.0 and routing-release before 0.172.0, the Cloud Foundry Gorouter mishandles WebSocket requests for AWS Application Load Balancers (ALBs) and some other HTTP-aware Load Balancers. A user with developer privileges could use this vulnerability to steal data or cause denial of service. | |||||
| CVE-2018-1195 | 1 Cloudfoundry | 3 Capi-release, Cf-deployment, Cf-release | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| In Cloud Controller versions prior to 1.46.0, cf-deployment versions prior to 1.3.0, and cf-release versions prior to 283, Cloud Controller accepts refresh tokens for authentication where access tokens are expected. This exposes a vulnerability where a refresh token that would otherwise be insufficient to obtain an access token, either due to lack of client credentials or revocation, would allow authentication. | |||||
| CVE-2018-1193 | 1 Cloudfoundry | 2 Cf-deployment, Routing-release | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A remote user can set the X-Forwarded-Proto header in a request to potentially bypass an application requirement to only respond over secure connections. | |||||
| CVE-2018-1191 | 1 Cloudfoundry | 2 Cf-deployment, Garden-runc-release | 2024-11-21 | 3.5 LOW | 8.8 HIGH |
| Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticated actions using those credentials. | |||||
| CVE-2018-1190 | 2 Cloudfoundry, Pivotal | 3 Cf-release, Uaa, Uaa Bosh | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in these Pivotal Cloud Foundry products: all versions prior to cf-release v270, UAA v3.x prior to v3.20.2, and UAA bosh v30.x versions prior to v30.8 and all other versions prior to v45.0. A cross-site scripting (XSS) attack is possible in the clientId parameter of a request to the UAA OpenID Connect check session iframe endpoint used for single logout session management. | |||||
| CVE-2018-11084 | 1 Cloudfoundry | 1 Garden-runc | 2024-11-21 | 5.5 MEDIUM | 6.8 MEDIUM |
| Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents deletion of some app environments based on file attributes. A remote authenticated malicious user may create and delete apps with crafted file attributes to cause a denial of service for new app instances or scaling up of existing apps. | |||||
| CVE-2017-8048 | 2 Cloudfoundry, Pivotal | 2 Cf-release, Capi-release | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42.0 and cf-release versions 268 and later, prior to 274, the original fix for CVE-2017-8033 introduces an API regression that allows a space developer to execute arbitrary code on the Cloud Controller VM by pushing a specially crafted application. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275. | |||||
| CVE-2017-8047 | 2 Cloudfoundry, Pivotal | 2 Cf-release, Routing-release | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. An attacker could exploit this as a phishing attack to gain access to user credentials or other sensitive data. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275. | |||||
| CVE-2017-8037 | 1 Cloudfoundry | 2 Capi-release, Cf-release | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation, aka an Information Leak / Disclosure. | |||||