VYPR
Vendor

Cloudfoundry

Products
84
CVEs
227
Across products
304
Status
Private

Products

84
View all 84 products →

Recent CVEs

227
View all 227 CVEs →
  • CVE-2026-40965CriJun 1, 2026
    risk 0.65cvss 10.0epss 0.00

    Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC (Elliptic Curve) private keys are inadvertently exposed through the public /token_keys endpoint. This endpoint is designed to provide…

  • CVE-2016-0898CriMar 29, 2018
    risk 0.65cvss 10.0epss 0.01

    MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.

  • CVE-2016-9880CriMar 16, 2018
    risk 0.64cvss 9.8epss 0.02

    The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x before 1.7.1 has multiple API endpoints which do not require authentication and could be used to gain access to the cluster managed by the broker.

  • CVE-2017-8045CriNov 27, 2017
    risk 0.64cvss 9.8epss 0.04

    In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.

  • CVE-2017-4955CriJun 13, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x versions prior to 1.7.48, 1.8.x versions prior to 1.8.28, and 1.9.x versions prior to 1.9.5. Several credentials were present in the logs for the Notifications errand in the PCF Elastic…

  • CVE-2017-2773CriJun 13, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.60, 1.7.x versions prior to 1.7.41, 1.8.x versions prior to 1.8.23, and 1.9.x versions prior to 1.9.1. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged…

  • CVE-2016-8218CriJun 13, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other users to the routing API, aka an…

  • CVE-2016-6655CriJun 13, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a common script used by many Cloud Foundry components. A malicious user may exploit…

  • CVE-2016-4977HigMay 25, 2017
    risk 0.64cvss 8.8epss 0.79

    When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the…

  • CVE-2016-0761CriMay 25, 2017
    risk 0.64cvss 9.8epss 0.02

    Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other…

  • CVE-2016-5006CriMay 2, 2017
    risk 0.64cvss 9.8epss 0.01

    The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation, which allows attackers to obtain sensitive user credential information via unspecified vectors.

  • CVE-2016-9885CriJan 6, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x versions prior to 1.7.1. The gfsh (Geode Shell) endpoint, used by operators and application developers to connect to their cluster, is unauthenticated and publicly accessible. Because…

  • CVE-2016-9877CriDec 29, 2016
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. MQTT (MQ Telemetry Transport) connection authentication with a username/password pair succeeds if an…

  • CVE-2016-0930CriSep 18, 2016
    risk 0.64cvss 9.8epss 0.01

    Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote attackers to obtain SSH access by connecting within an installation-time period during which these VMs…

  • CVE-2016-0897CriSep 18, 2016
    risk 0.64cvss 9.8epss 0.01

    Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators, which has unspecified impact and remote attack vectors.

  • CVE-2016-0883CriSep 18, 2016
    risk 0.64cvss 9.8epss 0.01

    Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote attackers to bypass session authentication by leveraging knowledge of this key from another…

  • CVE-2016-6658CriMar 29, 2018
    risk 0.62cvss 9.6epss 0.01

    Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. Although it is not recommended, a user can specify a credential in the URL (basic auth or OAuth) to access the buildpack through the…

  • CVE-2026-41005CriJun 11, 2026
    risk 0.59cvss 9.0epss 0.00

    Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as a substitute for XML signatures from the Identity Provider (authenticity) in two SAML flows: the OAuth 2.0 SAML2 bearer grant (token endpoint) and browser SSO (ACS) when…

  • CVE-2024-37082CriJul 3, 2024
    risk 0.59cvss 9.1epss 0.01

    When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications.  You are affected if you have route-services enabled in…

  • CVE-2018-1264CriOct 5, 2018
    risk 0.59cvss 9.1epss 0.02

    Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part of its envstruct report. A remote attacker who has gained access to the Log Cache VM can read this secret, gaining all privileges held by the Log Cache UAA client. In the worst case,…