VYPR
Unrated severity · NVD Advisory · Published Jun 6, 2018 · Updated Sep 17, 2024

CVE-2018-1265

Description

Cloud Foundry Diego prior to 2.8.0 fails to sanitize file paths in tar/zip headers, allowing an admin to upload a malicious buildpack, leading to full VM takeover.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip file headers. This vulnerability allows a remote attacker with CF admin privileges to upload a malicious buildpack that exploits the path traversal. Affected versions include diego-release prior to 2.8.0 and cf-deployment prior to v1.37.0 [1].

Exploitation

An attacker must have Cloud Foundry admin privileges to upload a malicious buildpack. The buildpack contains tar or zip files with crafted file paths that bypass sanitization. Upon processing, the paths allow writing files to arbitrary locations on the Diego Cell VM [1].

Impact

Successful exploitation results in complete takeover of the Diego Cell VM. The attacker gains access to all applications running on that Diego Cell, leading to full compromise of confidentiality, integrity, and availability of those apps [1].

Mitigation

Users should upgrade to diego-release version 2.8.0 or cf-deployment version v1.37.0, which contain the fix. No workarounds are mentioned in the available references [1].
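As an added example, not code from Diego or from the 2.8.0 fix, this is the kind of header-name check the description says was missing: every tar entry name is resolved under the extraction directory and rejected if it is absolute or climbs out of it with "..", before anything is written to disk. The destination path and entry names used with it are constructed for illustration.

```go
package main

import (
	"archive/tar"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// safeJoin resolves an archive entry name under dest and rejects names
// that would escape dest: absolute paths and ".." traversal.
func safeJoin(dest, name string) (string, error) {
	if filepath.IsAbs(name) || filepath.VolumeName(name) != "" {
		return "", fmt.Errorf("absolute path in archive header: %q", name)
	}
	base := filepath.Clean(dest)
	target := filepath.Join(base, name) // Join collapses ".." segments
	if target != base && !strings.HasPrefix(target, base+string(os.PathSeparator)) {
		return "", fmt.Errorf("path traversal in archive header: %q", name)
	}
	return target, nil
}

// checkTar validates every header name in the archive before anything is
// written to disk, returning the resolved targets or the first unsafe entry.
func checkTar(r io.Reader, dest string) ([]string, error) {
	tr := tar.NewReader(r)
	var targets []string
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return targets, nil
		}
		if err != nil {
			return nil, err
		}
		target, err := safeJoin(dest, hdr.Name)
		if err != nil {
			return nil, err
		}
		targets = append(targets, target)
	}
}
```

A complete extractor would also need to refuse symlink and hardlink entries whose targets resolve outside the destination, which this name check alone does not cover.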

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
