3 matches found
CVE-2017-8048
In Cloud Foundry, CVE-2017-8048 is a regression introduced by the original fix for CVE-2017-8033. Affected are capi-release 1.33.0–1.41.x (prior to 1.42.0) and cf-release 268–273 (prior to 274). The issue enables a space developer to execute arbitrary code on the Cloud Controller VM by pushing a ...
CVE-2018-1190
CVE-2018-1190 affects Pivotal Cloud Foundry components, causing a cross-site scripting (XSS) vulnerability in the clientId parameter of the UAA OpenID Connect check session iframe used for single logout. Affected versions include cf-release prior to v270, UAA v3.x before v3.20.2, and UAA bosh rel...
CVE-2017-8037
CVE-2017-8037 affects Cloud Foundry: CAPI-release v1.6.0+ up to < v1.38.0 and cf-release v244+ up to