cloud foundry Summary
Latest vulnerabilities published by cloud foundry
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
SAML 2.0 Signature Bypass Vulnerability in Cloud Foundry UAA
CVE-2026-22734Cloud FoundryUua8.6HIGHPrivate Key Exposure in Cloud Foundry UAA Software
CVE-2025-22246Cloud FoundryUaa7.5HIGHSession Information Vulnerability in Multi-Zone UAA by Cloud Foundry
CVE-2025-22216Cloud FoundryCloud Foundry Uaa5.4MEDIUMCloud Controller at Risk of Denial of Service Attack Due to malicious file upload
CVE-2024-38826Cloud FoundryCloud FoundryPotential Security Risk: Incorrect User Permissions in Cloud Foundry UAA
CVE-2024-38806Cloud Foundry Fou...Uaa3.9LOWSecurity Check Loophole in HAProxy Release Could Bypass mTLS Authentication
CVE-2024-37082Cloud FoundryHaproxy-boshrelease9.1CRITICALUnauthenticated Attackers Can Degrade Cloud Foundry Deployment Availability
CVE-2024-22279Cloud FoundryRouting Release7.5HIGHCVE-2023-34061 β Gorouter route pruning
CVE-2023-34061Cloud FoundryRouting Release7.5HIGHCVE-2023-34041-Abuse of HTTP Hop-by-Hop Headers in Cloud Foundry Gorouter
CVE-2023-34041Cloud FoundryRouting5.3MEDIUMCF workflows leak credentials in system audit logs
CVE-2023-20885Cloud FoundryNotifications6.5MEDIUMCloud Controller is vulnerable to denial of service via YAML parsing
CVE-2020-5423Cloud FoundryCapi7.5HIGHUAA password may appear in BOSH System Metrics Server process arguments
CVE-2020-5422Cloud FoundryBosh System Metrics Se...6.5MEDIUMCloud Controller allows users with no roles to list droplets
CVE-2020-5418Cloud FoundryCapi3.1LOWGorouter is vulnerable to DoS attack via invalid HTTP responses
CVE-2020-5420Cloud FoundryRouting7.7HIGHCF clusters with NGINX in front of them may be vulnerable to DoS
CVE-2020-5416Cloud FoundryRouting7.7HIGHCloud Controller may allow developers to claim sensitive routes
CVE-2020-5417Cloud FoundryCapi8.5HIGHCloud Controller logs environment variables from app manifests
CVE-2020-5400Cloud FoundryCapi8HIGHCloud Foundry GoRouter is vulnerable to cache poisoning
CVE-2020-5401Cloud FoundryRouting5.3MEDIUMUAA fails to check the state parameter when authenticating with external IDPs
CVE-2020-5402Cloud FoundryUaa8.8HIGHCredHub does not properly enable TLS for MySQL database connections
CVE-2020-5399Cloud FoundryCredhub7.6HIGHCAPI leaks service broker URLs and GUIDs to space developers
CVE-2019-11294Cloud FoundryCapi4.3MEDIUMUAA logs all query parameters with debug logging level
CVE-2019-11293Cloud FoundryUaa Release8.8HIGHCloud Foundry UAA logs query parameters in tomcat access file
CVE-2019-11290Cloud FoundryUaa Release8.8HIGHA forged route service request using an invalid nonce can cause the gorouter to panic and crash
CVE-2019-11289Cloud FoundryRouting8.6HIGHUAA is vulnerable to a Blind SCIM injection leading to information disclosure
CVE-2019-11282Cloud FoundryUaa Release4.3MEDIUM