Vulnerabilities (CVE)

Filtered by vendor Pivotal Subscribe
Total 30 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1223 1 Pivotal 1 Cloud Foundry Container Runtime 2024-11-21 4.0 MEDIUM 8.8 HIGH
Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and vCenter credentials to application logs. A malicious user with the ability to read the application logs could use these credentials to escalate privileges.
CVE-2018-1190 2 Cloudfoundry, Pivotal 3 Cf-release, Uaa, Uaa Bosh 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in these Pivotal Cloud Foundry products: all versions prior to cf-release v270, UAA v3.x prior to v3.20.2, and UAA bosh v30.x versions prior to v30.8 and all other versions prior to v45.0. A cross-site scripting (XSS) attack is possible in the clientId parameter of a request to the UAA OpenID Connect check session iframe endpoint used for single logout session management.
CVE-2017-8048 2 Cloudfoundry, Pivotal 2 Cf-release, Capi-release 2024-11-21 6.8 MEDIUM 7.8 HIGH
In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42.0 and cf-release versions 268 and later, prior to 274, the original fix for CVE-2017-8033 introduces an API regression that allows a space developer to execute arbitrary code on the Cloud Controller VM by pushing a specially crafted application. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275.
CVE-2017-8047 2 Cloudfoundry, Pivotal 2 Cf-release, Routing-release 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. An attacker could exploit this as a phishing attack to gain access to user credentials or other sensitive data. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275.
CVE-2017-8039 1 Pivotal 1 Spring Web Flow 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default (i.e., set to 'false') can be vulnerable to malicious EL expressions in view states that process form submissions but do not have a sub-element to declare explicit data binding property mappings. NOTE: this issue exists because of an incomplete fix for CVE-2017-4971.
CVE-2017-4975 1 Pivotal 1 Pcf Tile Generator 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by the PCF Tile Generator create a running open security group that overrides security groups set by the operator.
CVE-2017-4971 1 Pivotal 1 Spring Web Flow 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default (i.e., set to 'false') can be vulnerable to malicious EL expressions in view states that process form submissions but do not have a sub-element to declare explicit data binding property mappings.
CVE-2017-3203 1 Pivotal 1 Spring-flex 2024-11-21 6.8 MEDIUM 8.1 HIGH
The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.
CVE-2016-6639 2 Cloudfoundry, Pivotal 2 Php-buildpack, Cloud Foundry Elastic Runtime 2024-11-21 5.0 MEDIUM 7.5 HIGH
Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs directory, which might allow remote attackers to obtain sensitive information via an HTTP GET request for this file.
CVE-2016-4977 1 Pivotal 1 Spring Security Oauth 2024-11-21 6.5 MEDIUM 8.8 HIGH
When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type.
CVE-2016-4435 1 Pivotal 1 Bosh Stemcell 2024-11-21 6.8 MEDIUM 9.0 CRITICAL
An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID.
CVE-2016-0930 1 Pivotal 1 Operations Manager 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote attackers to obtain SSH access by connecting within an installation-time period during which these VMs exist.
CVE-2016-0928 1 Pivotal 1 Cloud Foundry Elastic Runtime 2024-11-21 5.8 MEDIUM 7.4 HIGH
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.30 and 1.7.x before 1.7.8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2016-0732 2 Cloudfoundry, Pivotal 4 Cf-release, Uaa-release, User Account And Authentication and 1 more 2024-11-21 6.5 MEDIUM 8.8 HIGH
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors.
CVE-2022-22969 2 Oracle, Pivotal 2 Communications Design Studio, Spring Security Oauth 2024-10-10 4.0 MEDIUM 6.5 MEDIUM
<Issue Description> Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only.
CVE-2023-34062 1 Pivotal 1 Reactor Netty 2024-02-05 N/A 7.5 HIGH
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, a malicious user can send a request using a specially crafted URL that can lead to a directory traversal attack. Specifically, an application is vulnerable if Reactor Netty HTTP Server is configured to serve static resources.
CVE-2023-34054 1 Pivotal 1 Reactor Netty 2024-02-05 N/A 7.5 HIGH
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in integration with Micrometer is enabled.
CVE-2023-34061 1 Pivotal 2 Cloud Foundry Deployment, Cloud Foundry Routing Release 2024-02-05 N/A 7.5 HIGH
Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment.
CVE-2023-20885 1 Pivotal 3 Cloud Foundry Nfs Volume, Cloud Foundry Notifications, Cloud Foundry Smb Volume 2024-02-04 N/A 6.5 MEDIUM
Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.This issue affects Notifications: All versions prior to 63; SMB-volume release: All versions prior to 3.1.19; cf-nfs-volume release: 5.0.X versions prior to 5.0.27, 7.1.X versions prior to 7.1.19.
CVE-2022-31684 1 Pivotal 1 Reactor Netty 2024-02-04 N/A 4.3 MEDIUM
Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled.