EUVD-2022-3609

Malicious code in bioql PyPI...

CVE-2015-5170

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry PCF Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery CSRF attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF checks...

CVE-2015-3190

With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an open redirect which allows an attacker to insert malicious web page as a redirect parameter...

USN-2740-1 ICU Vulnerabilities | Cloud Foundry

USN-2740-1 ICU Vulnerabilities Medium to Low Vendor Canonical Ubuntu Versions Affected icu – International Components for Unicode library Description Atte Kettunen discovered that ICU incorrectly handled certain converter names. If an application using ICU processed crafted data, a remote attacke...

USN-2722-1 GDK-PixBuf Vulnerabilities | Cloud Foundry

USN-2722-1 GDK-PixBuf Vulnerabilities Medium Vendor Canonical Ubuntu Versions Affected libgdk-pixbuf2.0-0 2.30.7-0ubuntu1.1 Description It was discovered that GDK-PixBuf incorrectly handled scaling bitmap images. If a user or automated system were tricked into opening a BMP image file, a remote...

Golang 1.4.3 CVE Fixes | Cloud Foundry

Golang 1.4.3 CVE Fixes Low Vendor Google Versions Affected Golang v1.4.2 and lower Description Several security issues were fixed in Go’s net / http package. The CVE issue descriptions and fixes are linked below: CVE-2015-5739 – ‘Content Length’ treated as valid header:...

CVE-2014-7186 and CVE-2014-7187 - Bash Out of Bounds | Cloud Foundry

CVE-2014-7186 and CVE-2014-7187 – Bash Out of Bounds Moderate Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 10.04 LTS and 14.04 LTS that include bash through 4.3 bash43-026 Description Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows...