Medium severity5.9NVD Advisory· Published Jul 11, 2018· Updated Jun 17, 2026
CVE-2016-0708
CVE-2016-0708
Description
Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions for some basic web application archive (WAR) packaged applications are vulnerable to this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: v166 - v227
- Cloud Foundry/Cloud Foundryv5Range: versions v166 through v227
Patches
Vulnerability mechanics
References
1- www.cloudfoundry.org/blog/cve-2016-0708/nvdMitigationVendor Advisory
News mentions
0No linked articles in our index yet.