3 matches found
org.cloudfoundry.identity:cloudfoundry-identity-api (=3.10.0), org.cloudfoundry.identity:cloudfoundry-identity-app (=3.10.0) +1 more potentially affected by CVE-2017-4960 via org.cloudfoundry.identity:cloudfoundry-identity-server (=3.10.0)
org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.cloudfoundry.identity:cloudfoundry-identity-server and may be impacted: - org.cloudfoundry.identity:cloudfoundry-identity-a...
CVE-2017-4960
An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth clients to a denial of service attack...
CVE-2017-4960
The CVE-2017-4960 issue affects Cloud Foundry components where the UAA OAuth clients can be subjected to a denial-of-service due to the lockout feature. Affected are Cloud Foundry release v247–v252, UAA standalone releases v3.9.0–v3.11.0, and UAA Bosh Releases v21–v26. If exploited, this could im...