Vulnerabilidades en Cloud FOundry

72 resultados
CVE-2020-5417HIGHCloud Controller may allow developers to claim sensitive routesEPSS 1.0%CVE-2018-1223Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and vCenter credentials to application logs. A maliciEPSS 0.9%CVE-2018-1191Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may bEPSS 0.9%CVE-2018-15800HIGHTiming attack allows extraction of signing key in Bits ServiceEPSS 0.9%CVE-2019-3783HIGHCloud Foundry Stratos Deploys With Public Default Session Store SecretEPSS 0.9%CVE-2020-5422UAA password may appear in BOSH System Metrics Server process argumentsEPSS 0.9%CVE-2019-3775HIGHUAA allows users to modify their own email addressEPSS 0.9%CVE-2018-11041Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior tEPSS 0.9%CVE-2019-3788HIGHUAA redirect-uri allows wildcard in the subdomainEPSS 0.8%CVE-2019-11274MEDIUMUAA SCIM Filter XSSEPSS 0.8%CVE-2019-11294MEDIUMCAPI leaks service broker URLs and GUIDs to space developersEPSS 0.8%CVE-2019-3789HIGHGorouter allows space developer to hijack route services hosted outside the platformEPSS 0.8%CVE-2020-5400HIGHCloud Controller logs environment variables from app manifestsEPSS 0.8%CVE-2018-15796HIGHSigning Key Extraction in Bits Service ReleaseEPSS 0.7%CVE-2019-3779HIGHCloud Foundry Container Runtime allows a user to bypass security policy when talking to ETCDEPSS 0.7%CVE-2019-3786HIGHBBR could run arbitrary scripts on deployment VMsEPSS 0.6%CVE-2019-3801HIGHJava Projects using HTTP to fetch dependenciesEPSS 0.6%CVE-2020-5418LOWCloud Controller allows users with no roles to list dropletsEPSS 0.6%CVE-2024-37082CRITICALWhen deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTPEPSS 0.5%CVE-2023-20885MEDIUMCF workflows leak credentials in system audit logsEPSS 0.5%