4 matches found
EUVD-2017-17012
Malware in sbrugna...
Design/Logic Flaw
In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42.0 and cf-release versions 268 and later, prior to 274, the original fix for CVE-2017-8033 introduces an API regression that allows a space developer to execute arbitrary code on the Cloud Controller VM by pushing a specially...
CVE-2017-8033
The CVE-2017-8033 issue affects Cloud Foundry’s Cloud Controller API in capi-release v1.33.0+ and cf-release v268+ (pre-v1.35.0 and pre-v268 respectively), where a filesystem-traversal flaw lets a space developer write arbitrary files on the Cloud Controller VM by pushing a crafted app. The origi...
CVE-2017-8033: Cloud Controller API filesystem traversal vulnerability | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Versions Affected CAPI-release versions prior to v1.35.0 cf-release versions prior to v268 Description A filesystem traversal vulnerability exists in the Cloud Controller that allows a space developer to escalate privileges by pushing a...