threat
engine
.sh
Back
·
··:··
Home
/
Product
/
cloudfoundry routing release
Product
cloudfoundry routing release
14 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-22726
>= 0.118.0 and < 0.372.0
Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a resu
5.0
MEDIUM
CVE-2024-22279
>= 0.273.0 and <= 0.297.0
Improper handling of requests in Routing Release > v0.273.0 and <= v0.297.0 allows an unauthenticated attacker to degrade the ser
5.9
MEDIUM
CVE-2023-34041
< 0.278.0
Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated att
5.3
MEDIUM
CVE-2023-20882
>= 0.262.0 and < 0.266.0
In Cloud foundry routing release versions from 0.262.0 and prior to 0.266.0,a bug in the gorouter process can lead to a denial of
5.9
MEDIUM
CVE-2020-5416
< 0.204.0
Cloud Foundry Routing (Gorouter), versions prior to 0.204.0, when used in a deployment with NGINX reverse proxies in front of the
6.5
MEDIUM
CVE-2020-15586
< 0.203.0
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy
5.9
MEDIUM
CVE-2020-5401
< 0.197.0
Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid header
5.3
MEDIUM
CVE-2019-11289
< 0.193.0
Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated malicious use
8.6
HIGH
CVE-2019-3789
< 0.188.0
Cloud Foundry Routing Release, all versions prior to 0.188.0, contains a vulnerability that can hijack the traffic to route servic
6.5
MEDIUM
CVE-2018-1193
< 0.175.0
Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A remote
5.3
MEDIUM
CVE-2018-1221
< 0.172.0
In cf-deployment before 1.14.0 and routing-release before 0.172.0, the Cloud Foundry Gorouter mishandles WebSocket requests for AW
8.1
HIGH
CVE-2017-8047
<= 0.162.0
In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applicat
6.1
MEDIUM
CVE-2017-8034
<= 0.158.0
The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0, Routing-release versions prior to v
6.6
MEDIUM
CVE-2016-8218
<= 0.141.0
An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and cf-release versions 203 to 231.
9.8
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin