cloud foundry Latest Vulnerabilities
Latest vulnerabilities published by cloud foundry
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
UAA accepts SAML Encrypted Assertions authentication bypass
CVE-2026-41005Cloud FoundryUaa9CRITICAL- CVE-2026-41010Cloud Foundry Fou...Bosh Director8.7HIGH
- CVE-2026-41011Cloud Foundry Fou...Bosh8.7HIGH
- CVE-2026-41858Cloud Foundry Fou...Windows-utilities-release6.5MEDIUM
- CVE-2026-41859Cloud Foundry Fou...Bosh7.1HIGH
- CVE-2026-41860Cloud Foundry Fou...Bosh7.1HIGH
Private Key Exposure in Cloud Foundry UAA Versions
CVE-2026-40965Cloud Foundry Fou...Uaa Release10CRITICALAuthentication Bypass in cf-auth-proxy for Cloud Foundry Foundation
CVE-2026-40964Cloud Foundry Fou...Log-cache Release7.5HIGHArbitrary Blobstore Deletion Risk in BOSH Director by Cloud Foundry
CVE-2026-41704Cloud Foundry Fou...Bosh Director6.8MEDIUMLocal Blobstore Issues in BOSH Director by Cloud Foundry
CVE-2026-41009Cloud Foundry Fou...Bosh Director4.3MEDIUMSAML 2.0 Signature Bypass Vulnerability in Cloud Foundry UAA
CVE-2026-22734Cloud FoundryUua8.6HIGHPrivate Key Exposure in Cloud Foundry UAA Software
CVE-2025-22246Cloud FoundryUaa7.5HIGHSession Information Vulnerability in Multi-Zone UAA by Cloud Foundry
CVE-2025-22216Cloud FoundryCloud Foundry Uaa5.4MEDIUMCloud Controller at Risk of Denial of Service Attack Due to malicious file upload
CVE-2024-38826Cloud FoundryCloud FoundryPotential Security Risk: Incorrect User Permissions in Cloud Foundry UAA
CVE-2024-38806Cloud Foundry Fou...Uaa3.9LOWSecurity Check Loophole in HAProxy Release Could Bypass mTLS Authentication
CVE-2024-37082Cloud FoundryHaproxy-boshrelease9.1CRITICALUnauthenticated Attackers Can Degrade Cloud Foundry Deployment Availability
CVE-2024-22279Cloud FoundryRouting Release7.5HIGHCVE-2023-34061 β Gorouter route pruning
CVE-2023-34061Cloud FoundryRouting Release7.5HIGHCVE-2023-34041-Abuse of HTTP Hop-by-Hop Headers in Cloud Foundry Gorouter
CVE-2023-34041Cloud FoundryRouting5.3MEDIUMCF workflows leak credentials in system audit logs
CVE-2023-20885Cloud FoundryNotifications6.5MEDIUMCloud Controller is vulnerable to denial of service via YAML parsing
CVE-2020-5423Cloud FoundryCapi7.5HIGHUAA password may appear in BOSH System Metrics Server process arguments
CVE-2020-5422Cloud FoundryBosh System Metrics Se...6.5MEDIUMCloud Controller allows users with no roles to list droplets
CVE-2020-5418Cloud FoundryCapi3.1LOWGorouter is vulnerable to DoS attack via invalid HTTP responses
CVE-2020-5420Cloud FoundryRouting7.7HIGHCF clusters with NGINX in front of them may be vulnerable to DoS
CVE-2020-5416Cloud FoundryRouting7.7HIGH