2 matches found
CVE-2019-3789
CVE-2019-3789 affects Cloud Foundry Routing Release (CF Routing) prior to 0.188.0. A space developer can create a private domain shadowing an external route service domain and map it to an app, causing the gorouter to route external traffic to the internal app instead. Impact is hijacking of rout...
CVE-2020-5401
CVE-2020-5401 affects Cloud Foundry Routing Release (prior to 0.197.0) which includes GoRouter. Malicious clients can send invalid headers, causing caching layers to reject subsequent legitimate clients. The vulnerability, described in multiple sources, results in degraded access for users to app...