Known Vulnerabilities for products from Pivotal
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Pivotal".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-34054 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-11-28 | 2023-12-04 |
| CVE-2023-20885 json | Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.This issu... | 6.5 - MEDIUM | 2023-06-16 | 2023-06-30 |
| CVE-2022-31684 json | Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The l... | 4.3 - MEDIUM | 2022-10-19 | 2022-10-21 |
| CVE-2022-22969 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-04-21 | 2023-08-08 |
| CVE-2020-5404 json | The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly... | 5.9 - MEDIUM | 2020-03-03 | 2021-07-07 |
| CVE-2020-5403 json | Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a URISyntaxException that causes the connection to be close... | 7.5 - HIGH | 2020-03-03 | 2022-09-20 |
| CVE-2019-19029 json | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor C... | 7.2 - HIGH | 2020-03-20 | 2021-05-21 |
| CVE-2019-19026 json | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbo... | 4.9 - MEDIUM | 2020-03-20 | 2021-05-21 |
| CVE-2019-19025 json | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the... | 8.8 - HIGH | 2020-03-20 | 2021-05-19 |
| CVE-2019-19023 json | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harb... | 8.8 - HIGH | 2020-03-20 | 2021-05-19 |
| CVE-2019-11288 json | In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions pr... | 7 - HIGH | 2020-01-27 | 2021-11-02 |
| CVE-2019-11284 json | Pivotal Reactor Netty, versions prior to 0.8.11, passes headers through redirects, including authorization ones. A remote una... | 8.6 - HIGH | 2019-10-17 | 2019-10-23 |
| CVE-2019-11275 json | Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0.22, versions 668.0.x prior t... | 4.3 - MEDIUM | 2019-10-01 | 2020-10-16 |
| CVE-2019-3800 json | CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the use... | 7.8 - HIGH | 2019-08-05 | 2019-10-09 |
| CVE-2018-1223 json | Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and vCenter credentials to application... | 8.8 - HIGH | 2018-09-17 | 2020-03-09 |
| CVE-2018-1190 json | An issue was discovered in these Pivotal Cloud Foundry products: all versions prior to cf-release v270, UAA v3.x prior to v3.... | 6.1 - MEDIUM | 2018-01-04 | 2021-05-25 |
| CVE-2017-8048 json | In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42.0 and cf-release versions 268 and later, prior to 274,... | 7.8 - HIGH | 2017-10-04 | 2021-08-10 |
| CVE-2017-8047 json | In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some app... | 6.1 - MEDIUM | 2017-10-04 | 2021-08-10 |
| CVE-2017-8039 json | An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFac... | 5.9 - MEDIUM | 2017-11-27 | 2019-10-03 |
| CVE-2017-4975 json | An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by the PCF Tile Generator create... | 7.5 - HIGH | 2017-06-13 | 2019-10-03 |