Vulnerabilidades em Cloud Foundry

72 resultados
CVE-2019-11290HIGHCloud Foundry UAA logs query parameters in tomcat access fileEPSS 1.3%CVE-2020-5416HIGHCF clusters with NGINX in front of them may be vulnerable to DoSEPSS 1.2%CVE-2020-5420HIGHGorouter is vulnerable to DoS attack via invalid HTTP responsesEPSS 1.2%CVE-2018-11084MEDIUMGarden-runC prevents deletion of some app environmentsEPSS 1.2%CVE-2019-11282MEDIUMUAA is vulnerable to a Blind SCIM injection leading to information disclosureEPSS 1.1%CVE-2020-5423HIGHCloud Controller is vulnerable to denial of service via YAML parsingEPSS 1.1%CVE-2019-11270HIGHUAA clients.write vulnerabilityEPSS 1.1%CVE-2018-1277Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated EPSS 1.1%CVE-2018-1193Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A remote user can EPSS 1.1%CVE-2019-3787HIGHUAA defaults email address to an insecure domainEPSS 1.1%CVE-2018-11082MEDIUMCloud Foundry UAA MFA does not prevent brute force of MFA codeEPSS 1.1%CVE-2019-3784HIGHCloud Foundry Stratos contains a Session Collision VulnerabilityEPSS 1.1%CVE-2019-3794MEDIUMUAA - Login app subject to clickjacking attackEPSS 1.1%CVE-2018-11047Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4EPSS 1.1%CVE-2018-1269Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior toEPSS 1.1%CVE-2018-1276Windows 2012R2 stemcells, versions prior to 1200.17, contain an information exposure vulnerability on vSphere. A remote user with the abilitEPSS 1.0%CVE-2020-5401MEDIUMCloud Foundry GoRouter is vulnerable to cache poisoningEPSS 1.0%CVE-2018-1268Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior toEPSS 1.0%CVE-2019-11268MEDIUMUAA SQL Identity Zone VulnerabilityEPSS 1.0%CVE-2016-2169Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business logic flaw. AEPSS 1.0%