CVE-2018-15796
The CVE-2018-15796 vulnerability affects Cloud Foundry Bits Service releases prior to 2.14.0, where an insecure hashing algorithm signs URLs. A remote attacker could obtain a signed URL and extract the signing key, gaining complete read/write access to the Bits Service storage. Mitigation: upgrad...