Known Vulnerabilities for Routing-release by Cloudfoundry
Listed below are 8 of the newest known vulnerabilities associated with "Routing-release" by "Cloudfoundry".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-22726 json | Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a... | Not Provided | 2026-05-01 | 2026-05-01 |
| CVE-2023-34041 json | Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticate... | 5.3 - MEDIUM | 2023-09-08 | 2023-09-14 |
| CVE-2020-15586 json | Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseP... | 5.9 - MEDIUM | 2020-07-17 | 2023-11-07 |
| CVE-2020-5416 json | Cloud Foundry Routing (Gorouter), versions prior to 0.204.0, when used in a deployment with NGINX reverse proxies in front of... | 6.5 - MEDIUM | 2020-08-21 | 2021-06-07 |
| CVE-2019-11289 json | Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated maliciou... | 8.6 - HIGH | 2019-11-19 | 2020-01-03 |
| CVE-2018-1221 json | In cf-deployment before 1.14.0 and routing-release before 0.172.0, the Cloud Foundry Gorouter mishandles WebSocket requests f... | 8.1 - HIGH | 2018-03-19 | 2021-05-27 |
| CVE-2018-1193 json | Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A r... | 5.3 - MEDIUM | 2018-05-23 | 2019-10-03 |
| CVE-2017-8034 json | Not Provided | 2017-07-17 | 2025-04-20 | |
| CVE-2016-8218 json | Not Provided | 2017-06-13 | 2025-04-20 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cloudfoundry | Routing-release | 0.99.0 | |||
| Application | Cloudfoundry | Routing-release | 0.69.0 | |||
| Application | Cloudfoundry | Routing-release | 0.66.0 | |||
| Application | Cloudfoundry | Routing-release | 0.62.0 | |||
| Application | Cloudfoundry | Routing-release | 0.203.0 | |||
| Application | Cloudfoundry | Routing-release | 0.195.0 | |||
| Application | Cloudfoundry | Routing-release | 0.194.0 | |||
| Application | Cloudfoundry | Routing-release | 0.193.0 | |||
| Application | Cloudfoundry | Routing-release | 0.192.0 | |||
| Application | Cloudfoundry | Routing-release | 0.191.0 | |||
| Application | Cloudfoundry | Routing-release | 0.190.0 | |||
| Application | Cloudfoundry | Routing-release | 0.189.0 | |||
| Application | Cloudfoundry | Routing-release | 0.188.0 | |||
| Application | Cloudfoundry | Routing-release | 0.187.0 | |||
| Application | Cloudfoundry | Routing-release | 0.186.0 | |||
| Application | Cloudfoundry | Routing-release | 0.185.0 | |||
| Application | Cloudfoundry | Routing-release | 0.184.0 | |||
| Application | Cloudfoundry | Routing-release | 0.183.0 | |||
| Application | Cloudfoundry | Routing-release | 0.182.0 | |||
| Application | Cloudfoundry | Routing-release | 0.181.0 |