
cloudfoundry capi release

23 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2023-20881
>= 1.140 and <= 1.152.0
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users sy
8.1 HIGH
CVE-2021-22100
< 1.122.0
In cloud foundry CAPI versions prior to 1.122, a denial-of-service attack in which a developer can push a service broker that (acc
5.3 MEDIUM
CVE-2021-22101
< 1.118.0
Cloud Controller versions prior to 1.118.0 are vulnerable to unauthenticated denial of Service(DoS) vulnerability allowing unauthe
7.5 HIGH
CVE-2021-22115
< 1.106.0
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is
6.5 MEDIUM
CVE-2020-5423
< 1.101.0
CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicio
7.5 HIGH
CVE-2020-5418
< 1.98.0
Cloud Foundry CAPI (Cloud Controller) versions prior to 1.98.0 allow authenticated users having only the "cloud_controller.read" s
4.3 MEDIUM
CVE-2020-5417
< 1.97.0
Cloud Foundry CAPI (Cloud Controller), versions prior to 1.97.0, when used in a deployment where an app domain is also the system
8.8 HIGH
CVE-2020-5400
< 1.91.0
Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background jobs when they are run, which may i
6.5 MEDIUM
CVE-2019-11294
all versions
Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all global service brokers, including s
4.3 MEDIUM
CVE-2019-3798
< 1.79.0
Cloud Foundry Cloud Controller API Release, versions prior to 1.79.0, contains improper authentication when validating user permis
6.0 MEDIUM
CVE-2019-3785
< 1.78.0
Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an endpoint with improper authorization. A remote authenticated
8.1 HIGH
CVE-2016-2169
< 1.0.0
Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business log
5.3 MEDIUM
CVE-2018-1266
< 1.52.0
Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities. An a
8.1 HIGH
CVE-2018-1195
< 1.46.0
In Cloud Controller versions prior to 1.46.0, cf-deployment versions prior to 1.3.0, and cf-release versions prior to 283, Cloud C
8.8 HIGH
CVE-2017-14389
< 1.45.0
An issue was discovered in Cloud Foundry Foundation capi-release (all versions prior to 1.45.0), cf-release (all versions prior to
6.5 MEDIUM
CVE-2017-8048
all versions
In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42.0 and cf-release versions 268 and later, prior to 274, the
7.8 HIGH
CVE-2017-8037
all versions
In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior t
7.5 HIGH
CVE-2017-8035
>= 1.7.0 and < 1.35.0
An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1
7.5 HIGH
CVE-2017-8033
< 1.35.0
An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions prior to v1.35.0 and cf-rele
7.8 HIGH
CVE-2017-8036
all versions
An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release version 1.33.0 (only). The original f
7.8 HIGH
CVE-2017-8034
<= 1.31.0
The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v
6.6 MEDIUM
CVE-2016-8219
< 1.12.0
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0. A
6.5 MEDIUM
CVE-2016-9882
<= 1.11.0
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-release versions prior to v1.12.0.
7.5 HIGH
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin