EUVD-2016-7555

Malware in sbrugna...

EUVD-2015-3259

Malware in sbrugna...

EUVD-2017-14079

Malware in sbrugna...

EUVD-2019-13419

Malware in sbrugna...

EUVD-2022-4759

Malicious code in bioql PyPI...

EUVD-2022-3609

Malicious code in bioql PyPI...

EUVD-2022-4277

Malicious code in bioql PyPI...

EUVD-2022-3791

Malicious code in bioql PyPI...

EUVD-2022-5791

Malicious code in bioql PyPI...

CVE-2025-22216 CVE-2025-22216 UAA Missing Zone Validation

A UAA configured with multiple identity zones, does not properly validate session information across those zones. A User authenticated against a corporate IDP can re-use their jsessionid to access other zones...

CVE-2025-22216 - UAA Missing Zone Validation | Cloud Foundry

Severity MED Overall CVSS Score: 5.0 CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C Vendor CloudFoundry Foundation Versions Affected Affected thru UAA Releases 77.20.1, 77.24.0 including 77.21.0, 77.22.0, 77.23.0 Unaffected from UAA Release 77.20.2 Unaffected from UAA Release...

CVE-2017-4963

An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier versions, UAA stand-alone release v2.0.0 - v2.7.4.12 & v3.0.0 - v3.11.0, and UAA bosh release v26 & earlier versions. UAA is vulnerable to session fixation when configured to authenticate against external...

CVE-2017-4991: UAA password reset vulnerability | Cloud Foundry

Severity High Vendor Cloud Foundry Foundation Versions Affected cf-release versions prior to v260 UAA release: 2.x versions prior to v2.7.4.16 3.6.x versions prior to v3.6.10 3.9.x versions prior to v3.9.12 Other versions prior to v3.17.0 UAA bosh release uaa-release: 13.x versions prior to v13.1...