Lucene search
K

12 matches found

OSV
OSV
added 2026/06/06 4:6 a.m.6 views

MINI-2MF8-H5VG-CFCR

Bulletin has no description...

7.8CVSS5.2AI score0.00221EPSS
Exploits1
OSV
OSV
added 2024/09/16 12:20 p.m.18 views

CGA-895X-8FHR-CFCR

Bulletin has no description...

7.5CVSS7.5AI score0.023EPSS
Exploits1
Cloud Foundry
Cloud Foundry
added 2019/10/15 12:0 a.m.54 views

CVE-2019-11247: Kubernetes API Server Vulnerability | Cloud Foundry

Severity Medium Vendor Cloud Foundry Foundation Description The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and ro...

8.1CVSS6.2AI score0.02092EPSS
Exploits0
Prion
Prion
added 2019/04/24 4:29 p.m.19 views

Design/Logic Flaw

Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the authenticity of backup scripts in BOSH. A remote authenticated malicious user can modify the metadata file of a Bosh Backup and Restore job to request extra backup files from different jobs upon restore. Th...

4CVSS6.7AI score0.00592EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/04/24 3:21 p.m.21 views

CVE-2019-3786 BBR could run arbitrary scripts on deployment VMs

Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the authenticity of backup scripts in BOSH. A remote authenticated malicious user can modify the metadata file of a Bosh Backup and Restore job to request extra backup files from different jobs upon restore. Th...

7.7CVSS6.8AI score0.00592EPSS
Exploits0References1
Cloud Foundry
Cloud Foundry
added 2019/04/08 12:0 a.m.46 views

CVE-2019-3786: BBR could run arbitrary scripts on deployment VMs | Cloud Foundry

Severity High Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions BOSH Backup and Restore All versions prior to v1.5.0 Description Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the authenticity of backup scripts in BOSH. A remote...

7.7CVSS6.9AI score0.00592EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2019/04/01 12:0 a.m.100 views

CVE-2019-1002101: Kubernetes kubectl - potential directory traversal | Cloud Foundry

Severity High Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions Cloud Foundry Container Runtime CFCR All versions prior to 0.31.0 Description A security issue was discovered with the Kubernetes kubectl cp command that could enable a directory traversal replacing or...

6.4CVSS6AI score0.13164EPSS
Exploits2
Cloud Foundry
Cloud Foundry
added 2019/04/01 12:0 a.m.72 views

CVE-2019-1002100: Kubernetes API Server Patch Request Consumes Excess Resource Cause Denial of Service | Cloud Foundry

Severity Medium Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions Cloud Foundry Container Runtime CFCR All versions prior to 0.31.0 Description In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the...

6.5CVSS6.5AI score0.10606EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2019/02/13 12:0 a.m.143 views

CVE-2019-5736: runC container breakout | Cloud Foundry

Severity High Vendor Open Container Initiative Affected Cloud Foundry Products and Versions Severity is High unless otherwise noted. BPM All prior to v1.0.3 Cloud Foundry Container Runtime CFCR All versions prior to v0.29.0 Docker BOSH Release All versions prior to v34.0.0 Garden runC All version...

9.3CVSS8.9AI score0.9857EPSS
Exploits33
Cloud Foundry
Cloud Foundry
added 2019/01/04 12:0 a.m.44 views

CVE-2018-18264: Kubernetes Dashboard TLS Certificate Leak | Cloud Foundry

Severity High Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions Cloud Foundry Container Runtime CFCR All versions prior to 0.26.0 Description Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard’s Service Account for reading...

7.5CVSS7.7AI score0.70372EPSS
Exploits1
Cloud Foundry
Cloud Foundry
added 2018/12/05 12:0 a.m.41 views

CVE-2018-1002105: Proxy request handling in kube-apiserver can leave vulnerable TCP connections | Cloud Foundry

Severity Critical Vendor Kubernetes Affected Cloud Foundry Products and Versions CFCR Release All versions prior to v0.25.0 Description With a specially crafted request, users are able to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests ove...

9.8CVSS7.8AI score0.86978EPSS
Exploits10
Cloud Foundry
Cloud Foundry
added 2018/09/14 12:0 a.m.504 views

CVE-2018-1223: CFCR leaks credentials to application logs | Cloud Foundry

Severity High Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions kubo-release versions prior to 0.14.0 Description Cloud Foundry Container Runtime kubo-release, versions prior to 0.14.0, may leak UAA and vCenter credentials to application logs. A malicious user with the...

8.8CVSS8.8AI score0.00944EPSS
Exploits0
Rows per page
Query Builder