Vulnerabilities (CVE)

Vendor filter

Cloudfoundry Subscribe

Filter

3 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-11278 1 Cloudfoundry 1 User Account And Authentication 2019-10-09 7.5
CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with 'client.write' and 'groups.update' can craft a SCIM query, which leaks information that allows an escalation of privileges,...
CVE-2016-6655 2 Cloud Foundry, Cloudfoundry 4 Cf-release, Cf-mysql-release, Cf-mysql-release and 1 more 2017-11-08 7.5
An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry...
CVE-2016-8218 2 Cloud Foundry, Cloudfoundry 4 Cf-release, Routing-release, Cf-release and 1 more 2017-11-08 7.5
An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other...