Pivotal Cloud Foundry Routing Release
By the Year
In 2024 there have been 1 vulnerability in Pivotal Cloud Foundry Routing Release with an average score of 7.5 out of ten. Cloud Foundry Routing Release did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2024 as compared to last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 1 | 7.50 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 1 | 7.80 |
2018 | 0 | 0.00 |
It may take a day or so for new Cloud Foundry Routing Release vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Pivotal Cloud Foundry Routing Release Security Vulnerabilities
Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack
CVE-2023-34061
7.5 - High
- January 12, 2024
Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment.
Resource Exhaustion
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag
CVE-2019-3800
7.8 - High
- August 05, 2019
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Yugabyte Db Enterprise or by Pivotal? Click the Watch button to subscribe.