11 matches found
EUVD-2023-25053
Malicious code in bioql PyPI...
CVE-2023-20881
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...
CVE-2023-20881
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...
CVE-2023-20881
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...
CVE-2023-20881
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...
Code injection
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...
PT-2023-17685 · Unknown · Loggregator-Agent +1
Name of the Vulnerable Software and Affected Versions: Cloud Foundry versions 1.140 through 1.152.0 loggregator-agent version 7 and later Description: The issue allows users to override other users' syslog drain credentials if they are aware of the client certificate used for that syslog drain...
CVE-2023-20881
CVE-2023-20881 affects Cloud Foundry CAPI versions 1.140–1.152.0 and Loggregator-agent v7+. The issue allows a user who knows the syslog drain client certificate to override other users’ syslog drain credentials, potentially altering the private key or adding/modifying a Certificate Authority use...
Cloud Foundry CAPI 信任管理问题漏洞
Cloud Foundry CAPI is a cloud controller from the Cloud Foundry Foundation in the United States. A security vulnerability exists in Cloud Foundry CAPI versions 1.140 through 1.152.0, Loggregator-agent v7+, and CF Deployment versions 24.7.0 through 29.0.0, which originates in Cloud foundry instanc...
CVE-2023-20881
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...
CVE-2019-17596: x509 parsing in Golang can cause panic | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Description Various Cloud Foundry components are written in Go and are therefore vulnerable to a denial of service attack. Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public...