Diego Release
by Cloudfoundry
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41013 | Hig | 0.53 | 8.1 | — | Jun 1, 2026 | Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control… | ||
| CVE-2016-3091 | Hig | 0.49 | 7.5 | 0.01 | Jun 8, 2017 | Cloud Foundry Diego 0.1468.0 through 0.1470.0 allows remote attackers to cause a denial of service. | ||
| CVE-2022-31733 | 0.00 | — | 0.00 | Feb 3, 2023 | Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. If mTLS route integrity is enabled AND unproxied ports are… |
- risk 0.53cvss 8.1epss —
Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control…
- risk 0.49cvss 7.5epss 0.01
Cloud Foundry Diego 0.1468.0 through 0.1470.0 allows remote attackers to cause a denial of service.
- CVE-2022-31733Feb 3, 2023risk 0.00cvss —epss 0.00
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. If mTLS route integrity is enabled AND unproxied ports are…