VYPR

Pivot

by Pivot

CVEs (25)

  • CVE-2006-3533Jul 12, 2006
    risk 0.03cvss epss 0.06

    Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) fg, (2) line1, (3) line2, (4) bg, (5) c1, (6) c2, (7) c3, and (8) c4 parameters in (a)…

  • CVE-2019-11288Jan 27, 2020
    risk 0.00cvss epss 0.00

    In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket…

  • CVE-2019-11273Jul 23, 2019
    risk 0.00cvss epss 0.01

    Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve…

  • CVE-2018-15759Nov 19, 2018
    risk 0.00cvss epss 0.02

    Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. A remote unauthenticated malicious user may make many requests to the service broker with different credentials, allowing them to infer valid credentials and…

  • CVE-2014-2857Apr 15, 2014
    risk 0.00cvss epss 0.01

    The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 does not properly restrict access to files in the META-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this issue…

Page 2 of 2