CVE-2016-3091 Diego log encoding vulnerability
High
Cloud Foundry Foundation
Diego-release versions 0.1468.0 through 0.1470.0
Due to how Diego handles breaking up large log streams on UTF-8 boundaries, it is possible to cause a denial of service on a Cloud Foundry installation with an app outputting malformed UTF-8 sequences.
Users of affected versions should apply the following mitigation:
This issue was identified by a VMware team and reported responsibly to the Cloud Foundry Foundation.