| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2019-11278 |
1 Cloudfoundry |
1 User Account And Authentication |
2019-10-09 |
7.5 |
| CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with 'client.write' and 'groups.update' can craft a SCIM query, which leaks information that allows an escalation of privileges,... |
| CVE-2016-6655 |
2 Cloud Foundry, Cloudfoundry |
4 Cf-release, Cf-mysql-release, Cf-mysql-release and 1 more |
2017-11-08 |
7.5 |
| An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry... |
| CVE-2016-8218 |
2 Cloud Foundry, Cloudfoundry |
4 Cf-release, Routing-release, Cf-release and 1 more |
2017-11-08 |
7.5 |
| An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other... |
