pivotal

cloud_foundry_notifications

2 known vulnerabilities · sorted by CVSS score

CVE-2023-20885

Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.This issue affects Notifications: All versions prior to 63; SMB-volume release: All versions prior to 3.1.19; cf-nfs-volume release: 5.0.X versions prior to 5.0.27, 7.1.X versions prior to 7.1.19.

pivotal / cloud_foundry_nfs_volume+3

Network

Published Jun 16, 2023

CVE-2019-3800

MEDIUM6.3

CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.

pivotal / cloud_foundry_command_line_interface+59

Local

Published Aug 5, 2019