105 matches found
EUVD-2016-3254
Malware in sbrugna...
EUVD-2017-14072
Malware in sbrugna...
EUVD-2017-11916
Malware in sbrugna...
EUVD-2016-7560
Malware in sbrugna...
EUVD-2016-0761
Malware in sbrugna...
EUVD-2016-0939
Malware in sbrugna...
EUVD-2016-7555
Malware in sbrugna...
GHSA-RC2R-W8JV-VGGP Cloud Foundry vulnerable to Improper Certificate Validation
Pivotal Cloud Foundry 239 and earlier, UAA aka User Account and Authentication Server 3.4.1 and earlier, UAA release 12.2 and earlier, PCF aka Pivotal Cloud Foundry Elastic Runtime 1.6.x before 1.6.35, and PCF Elastic Runtime 1.7.x before 1.7.13 does not validate if a certificate is expired...
Cloud Foundry vulnerable to Cross-Site Request Forgery
Multiple cross-site request forgery CSRF vulnerabilities in Pivotal Cloud Foundry PCF before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x before 12.5; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.2; and Ops...
Cloud Foundry UAA reset password vulnerable to brute force attack
The UAA reset password flow in Cloud Foundry release v236 and earlier versions, UAA release v3.3.0 and earlier versions, all versions of Login-server, UAA release v10 and earlier versions and Pivotal Elastic Runtime versions prior to 1.7.2 is vulnerable to a brute force attack due to multiple...
Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry PCF Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links...
Cloud Foundry Runtime Insufficient Session Expiration vulnerability
The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry PCF Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions...
Pivotal Cloud Foundry Elastic Runtime Information Disclosure Vulnerability (CNVD-2018-19741)
Pivotal Cloud Foundry PCF is an open source Platform-as-a-Service PaaS cloud computing platform from Pivotal Software that provides container scheduling, continuous delivery, and automated service deployment.Elastic Runtime is a runtime environment for Pivotal Cloud Foundry. Elastic Runtime is a...
Information disclosure
Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP...
CVE-2016-0715
Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP...
CVE-2016-0715
Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP...
CVE-2016-0715
Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP...
CVE-2016-0715
CVE-2016-0715 affects Pivotal Cloud Foundry Elastic Runtime versions 1.4.0–1.4.5, 1.5.0–1.5.11, and 1.6.0–1.6.11, enabling remote information disclosure. The issue stems from incomplete mitigation guidance tied to CVE-2016-0708, leaving PHP Buildpack, Staticfile Buildpack, and potentially other c...
The software vulnerabilities of Cloud Foundry Runtime cf-release, UAA Standalone, and Pivotal Cloud Foundry Elastic Runtime, a software platform of Cloud Foundry, allow attackers to exploit old sessions after password reset.
The vulnerability of the Cloud Foundry Runtime cf-release, UAA Standalone, and Pivotal Cloud Foundry Elastic Runtime software platforms is related to incorrect session expiration times. Exploiting this vulnerability allows a malicious actor to utilize an existing session after password reset, as...
Pivotal Cloud Foundry Runtime cf-release, UAA and Pivotal Cloud Foundry Elastic Runtime Cross-Site Request Forgery Vulnerabilities
Pivotal Cloud Foundry PCF Runtime cf-release and others are products of Pivotal Software, Inc. PCF is an open source Platform-as-a-Service PaaS cloud computing platform that provides container scheduling, continuous delivery, and automated service deployment. cf-release is a release of PCF. UAA i...