Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8037 | 1 Cloudfoundry | 2 Capi-release, Cf-release | 2019-03-22 | 5.0 MEDIUM | 7.5 HIGH |
| In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an incomplete fix for CVE-2017-8035. If you took steps to remediate CVE-2017-8035 you should also upgrade to fix this CVE. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation, aka an Information Leak / Disclosure. | |||||
| CVE-2016-2169 | 1 Cloudfoundry | 3 Capi-release, Cf-release, Cloud Controller | 2018-05-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business logic flaw. An application developer may create an application with a route that conflicts with a platform service route and receive traffic intended for the service. | |||||