VYPR
← All vendors
Vendor

BOSH

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2026-41860HigJun 4, 2026
    BOSH
    BOSH
    risk 0.57cvss 8.8epss

    CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelper#create_async_endpoint and #send_http_get_request_synchronous hard-code OpenSSL::SSL::VERIFY_NONE, enabling an attacker to intercept traffic between…

  • CVE-2026-41010HigJun 4, 2026
    BOSH
    BOSH Director
    risk 0.53cvss 8.2epss

    ReleaseJob#unpack builds job_dir = File.join(@release_dir, 'jobs', name) and job_tgz = File.join(@release_dir, 'jobs', "#{name}.tgz") where name returns @job_meta['name'], a value taken verbatim from the jobs: array of the attacker-supplied release.MF inside the uploaded…

  • CVE-2026-41011HigJun 4, 2026
    BOSH
    BOSH
    risk 0.53cvss 8.2epss

    PackagePersister.validate_tgz builds "tar -tf #{tgz} 2>&1" where tgz = File.join(release_dir, 'packages', "#{name}.tgz") and name = package_meta['name'] comes directly from release.MF inside the uploaded tarball. The string is passed to Bosh::Common::Exec.sh, which executes via…