EUVD-2016-9067

Malware in sbrugna...

Security Bulletin: A Node.js npm CLI module vulnerability affects IBM® SDK for Node.js™ in IBM Cloud (CVE-2020-15095)

Summary There is a vulnerability which could allow a local attacker to obtain sensitive information in the Node.js npm CLI module that is used in IBM® SDK for Node.js™ in IBM Cloud. Vulnerability Details CVEID: CVE-2020-15095 DESCRIPTION: Node.js npm CLI module could allow a local attacker to...

SUSE SLED15 / SLES15 Security Update : cf-cli (SUSE-SU-2019:1220-1)

"This update for cf-cli fixes the following issues : cf-cli was updated: to version 6.43.0 bsc1132242 Enhancements : cf curl supports a new --fail flag primarily for scripting purposes which returns exit code 22 for server errors story Improves cf delete-orphaned-routes such that it uses a...

Cloud Foundry products uses vulnerable versions of Java | Cloud Foundry

Severity Critical Vendor Cloud Foundry Affected Cloud Foundry Products and Versions Severity is Critical unless otherwise noted. Credhub 1.7.x prior to 1.7.9 1.9.x prior to 1.9.9 2.1.x prior to 2.1.2 Java Buildpack All versions prior to 4.16.1 Ruby Buildpack All versions prior to 1.7.25 UAA Relea...

Code injection

An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0. A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause application downtime if the restage fails...

CVE-2016-8219: Space Auditor can restage apps | Cloud Foundry

CVE-2016-8219: Space Auditor can restage apps Medium Vendor Cloud Foundry Foundation Versions Affected cf-release versions prior to 250 CAPI-release versions prior to 1.12.0 Description A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause...