Vulnerabilities (CVE)

Vendor filter

Cloudfoundry Subscribe

Product filter

Routing-release Subscribe


3 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-8034 2 Cloud Foundry, Cloudfoundry 6 Cf-release, Capi-release, Routing-release and 3 more 2019-10-03 6.0
The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v0.159.0, CF-release versions prior to v267) do not validate the issuer on JSON Web Tokens (JWTs) from UAA. With...
CVE-2018-1193 1 Cloudfoundry 2 Cf-deployment, Routing-release 2019-10-03 5.0
Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A remote user can set the X-Forwarded-Proto header in a request to potentially bypass an application requirement to only...
CVE-2016-8218 2 Cloud Foundry, Cloudfoundry 4 Cf-release, Routing-release, Cf-release and 1 more 2017-11-08 7.5
An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other...