Pivotal Software Cf Deployment
By the Year
In 2024 there have been 0 vulnerabilities in Pivotal Software Cf Deployment . Cf Deployment did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 2 | 8.45 |
It may take a day or so for new Cf Deployment vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Pivotal Software Cf Deployment Security Vulnerabilities
In Cloud Controller versions prior to 1.46.0
CVE-2018-1195
8.8 - High
- March 19, 2018
In Cloud Controller versions prior to 1.46.0, cf-deployment versions prior to 1.3.0, and cf-release versions prior to 283, Cloud Controller accepts refresh tokens for authentication where access tokens are expected. This exposes a vulnerability where a refresh token that would otherwise be insufficient to obtain an access token, either due to lack of client credentials or revocation, would allow authentication.
Insufficient Session Expiration
In cf-deployment before 1.14.0 and routing-release before 0.172.0
CVE-2018-1221
8.1 - High
- March 19, 2018
In cf-deployment before 1.14.0 and routing-release before 0.172.0, the Cloud Foundry Gorouter mishandles WebSocket requests for AWS Application Load Balancers (ALBs) and some other HTTP-aware Load Balancers. A user with developer privileges could use this vulnerability to steal data or cause denial of service.
Improper Input Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cloudfoundry Routing Release or by Pivotal Software? Click the Watch button to subscribe.
