USN-4249-1: e2fsprogs vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code. CVEs...

USN-4015-1: DBus vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Joe Vennix discovered that DBus incorrectly handled DBUSCOOKIESHA1 authentication. A local attacker could possibly use this issue to bypass authentication and connect to DBus server...

USN-3960-1: WavPack vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that WavPack incorrectly handled certain DFF files. An attacker could possibly use this issue to cause a denial of service. CVEs contained in this USN include: CVE-2019-11498 Affected...

CVE-2016-5016 UAA accepts expired certificates | Cloud Foundry

CVE-2016-5016 UAA accepts expired certificates High Vendor Cloud Foundry Foundation Versions Affected Cloud Foundry release v239 and earlier versions UAA release v3.4.1 and earlier versions UAA release V12.2 and earlier versions Description UAA uses the OpenJDK Java Runtime Environment TrustManag...

USN-6838-1: Ruby vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdocoptions file, a remote attacker could possibly use...

USN-6697-1: Bash vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a specially crafted bash file, a remote attacker...

USN-6677-1: libde265 vulnerabilities | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to...

USN-6512-1: LibTIFF vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description It was discovered that LibTIFF could be made to run into an infinite loop. If a user or an automated system were tricked into opening a specially crafted imag...

CVE-2023-34061 - Gorouter route pruning | Cloud Foundry

Severity HIGH Vendor CloudFoundry Foundation Versions Affected Routing Release 0.163.0 CF Deployment 0.28.0 Description Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning an...

USN-6467-2: Kerberos vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description USN-6467-1 fixed a vulnerability in Kerberos. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. Original advisory details: Robert Morris discovered tha...

USN-5963-1: Vim vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or...

USN-5849-1: Heimdal vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Helmut Grohne discovered that Heimdal GSSAPI incorrectly handled logical conditions that are related to memory management operations. An attacker could possibly use this issue to...

USN-5718-1: pixman vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute...

USN-5462-1: Ruby vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2022-28738 ...

USN-5672-1: GMP vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that GMP did not properly manage memory on 32-bit platforms when processing a specially crafted input. An attacker could possibly use this issue to cause applications...

USN-5379-1: klibc vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resultin...

USN-4635-1: Kerberos vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Demi Obenour discovered that Kerberos incorrectly handled certain ASN.1. An attacker could possibly use this issue to cause a denial of service. CVEs containe...

CVE-2020-5399: CredHub does not properly enable TLS for MySQL database connections | Cloud Foundry

Severity High Vendor Cloud Foundry Foundation Description Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL database may eavesdrop on database...

USN-4062-1: WavPack vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-1010315, CVE-2019-1010317, CVE-2019-1010318,...

USN-2835-1 git vulnerability | Cloud Foundry

USN-2835-1 git vulnerability Medium Vendor git Versions Affected Ubuntu 14.04 Description Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitrary code by injecting...

USN-6852-1: Wget vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a user into connecting to a different host than expected. Update...

CVE-2024-22279 - GoRouter Denial of Service Attack | Cloud Foundry

Severity MEDIUM Vendor CloudFoundry Foundation Versions Affected Routing Release v0.273.0 and v30.9.0 and = v40.13.0 Description Cloud foundry routing release versions from v0.273.0 to v0.297.0 are vulnerable to a DOS attack. An unauthenticated attacker can exploit this vulnerability to force...

USN-5848-1: less vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description David Leadbeater discovered that less was not properly handling escape sequences when displaying raw control characters. A maliciously formed OSC 8 hyperlink could be used by an attacker to perform a deni...

USN-5908-1: Sudo vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that Sudo incorrectly handled the per-command chroot feature. In certain environments where Sudo is configured with a rule that contains a CHROOT setting, a local attacker could use this...

CVE-2022-31733: Unsecured Application Port | Cloud Foundry

High Vendor Cloud Foundry Foundation Description Apps running on cf-deployment are accessible unproxied via a programmatically-generated port on diego cells. The route integrity with mTLS feature rep.containers.proxy.requireandverifyclientcertificates, exposes an additional port that requires a...

USN-5689-1: Perl vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature...

USN-5615-1: SQLite vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-5548-1: libxml2 vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run sudo ua fix...

USN-5329-1: tar vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to cause tar to crash, resulting in a denial of service. CVEs contained in this...

USN-4667-1: APT vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding, resulting in a...

USN-4233-1: GnuTLS update | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description As a security improvement, this update marks SHA1 as being untrusted for digital signature operations. Affected Cloud Foundry Products and Versions Severity is unknown unless...

CVE-2019-11289: Gorouter header denial of service vulnerability | Cloud Foundry

Severity High Vendor Cloud Foundry Foundation Description Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated malicious user could forge an HTTP route service request using an invalid nonce that will cause the Gorouter to crash...

USN-4168-1: Libidn2 vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that Libidn2 incorrectly handled certain inputs. An attacker could possibly use this issue to impersonate domains. CVE-2019-12290 It was discovered that Libidn2 incorrectly handled certa...

USN-3151-2: Linux kernel (Xenial HWE) vulnerability | Cloud Foundry

USN-3151-2: Linux kernel Xenial HWE vulnerability High Vendor Canonical Ubuntu Versions Affected Ubuntu 14.04 LTS The following Cloud Foundry BOSH stemcells are vulnerable: All versions prior to 3151.5 3233.x versions prior to 3233.6 3263.x versions prior to 3263.12 3312.x versions prior to 3312....

USN-5259-2: Cron vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5259-1 fixed several vulnerabilities in Cron. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that the postinst maintainer script in Cron...

USN-5349-1: GNU binutils vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that GNU binutils gold incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVEs contained in this USN include: CVE-2019-1010204...

USN-5280-1: Speex vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that Speex incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. CVEs contained in this USN include: CVE-2020-23903. Affected Clo...

USN-5133-1: ICU vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description ICU could be made to crash if it received specially crafted input. CVEs contained in this USN include: CVE-2020-21913. Affected Cloud Foundry Products and Versions Severity is low unle...

USN-4969-1: DHCP vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service...

USN-4169-1: libarchive vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly execute arbitrary code. CVEs contained in this USN include: CVE-2019-18408...

CVE-2019-11274: UAA SCIM Filter XSS | Cloud Foundry

Severity Medium Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions UAA Release OSS All versions prior to v74.0.0 Description Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that...

CVE-2018-15797: NFS volume release errand leaks CF admin credentials in logs | Cloud Foundry

Severity High Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions NFS volume release 1.2.x prior to 1.2.5 1.5.x prior to 1.5.4 1.7.x prior to 1.7.3 Description Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to 1.5.4, 1.7.x prior to 1.7.3, logs the cf...

USN-6791-1: Unbound vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that Unbound could take part in a denial of service amplification attack known as DNSBomb. This update introduces certain resource limits to make the impact from Unbound significantly lower...

USN-6839-1: MariaDB vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.6.18 in Ubuntu 22.04 LTS and to 10.11.8 in Ubuntu 23.10 a...

USN-6805-1: libarchive vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that libarchive incorrectly handled certain RAR archive files. An attacker could possibly use this issue to execute arbitrary code or cause a crash. Update Instructions: Run sudo pro fix...

USN-6715-1: unixODBC vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash. Update Instructions: Run sudo pro fix...

USN-5825-2: PAM regressions | Cloud Foundry

Severity Negligible Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description USN-5825-1 fixed vulnerabilities in PAM. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We...

USN-5745-1: shadow vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Florian Weimer discovered that shadow was not properly copying and removing user directory trees, which could lead to a race condition. A local attacker could...

USN-5673-1: unzip vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description It was discovered that unzip did not properly handle unicode strings under certain circumstances. If a user were tricked into opening a specially crafted zip...

USN-5244-2: DBus vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5244-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Daniel Onaca discovered that DBus contained a...