Known Vulnerabilities for products from Pivotal
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Pivotal".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-22969 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-04-21 | 2023-08-08 |
| CVE-2020-5404 | The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly... | 5.9 - MEDIUM | 2020-03-03 | 2021-07-07 |
| CVE-2020-5403 | Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a URISyntaxException that causes the connection to be close... | 7.5 - HIGH | 2020-03-03 | 2022-09-20 |
| CVE-2019-19029 | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor C... | 7.2 - HIGH | 2020-03-20 | 2021-05-21 |
| CVE-2019-19026 | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbo... | 4.9 - MEDIUM | 2020-03-20 | 2021-05-21 |
| CVE-2019-19025 | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the... | 8.8 - HIGH | 2020-03-20 | 2021-05-19 |
| CVE-2019-19023 | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harb... | 8.8 - HIGH | 2020-03-20 | 2021-05-19 |
| CVE-2019-11288 | In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions pr... | 7 - HIGH | 2020-01-27 | 2021-11-02 |
| CVE-2019-11284 | Pivotal Reactor Netty, versions prior to 0.8.11, passes headers through redirects, including authorization ones. A remote una... | 8.6 - HIGH | 2019-10-17 | 2019-10-23 |
| CVE-2019-11275 | Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0.22, versions 668.0.x prior t... | 4.3 - MEDIUM | 2019-10-01 | 2020-10-16 |
| CVE-2019-3800 | CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the use... | 7.8 - HIGH | 2019-08-05 | 2019-10-09 |
| CVE-2018-1223 | Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and vCenter credentials to application... | 8.8 - HIGH | 2018-09-17 | 2020-03-09 |
| CVE-2018-1190 | An issue was discovered in these Pivotal Cloud Foundry products: all versions prior to cf-release v270, UAA v3.x prior to v3.... | 6.1 - MEDIUM | 2018-01-04 | 2021-05-25 |
| CVE-2017-8048 | In Cloud Foundry capi-release versions 1.33.0 and later, prior to 1.42.0 and cf-release versions 268 and later, prior to 274,... | 7.8 - HIGH | 2017-10-04 | 2021-08-10 |
| CVE-2017-8047 | In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some app... | 6.1 - MEDIUM | 2017-10-04 | 2021-08-10 |
| CVE-2017-8039 | An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFac... | 5.9 - MEDIUM | 2017-11-27 | 2019-10-03 |
| CVE-2017-4975 | An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by the PCF Tile Generator create... | 7.5 - HIGH | 2017-06-13 | 2019-10-03 |
| CVE-2017-4971 | An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFac... | 5.9 - MEDIUM | 2017-06-13 | 2019-10-03 |
| CVE-2017-3203 | The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizab... | 8.1 - HIGH | 2018-06-11 | 2019-10-09 |
| CVE-2016-6639 | Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Clo... | 7.5 - HIGH | 2016-09-18 | 2021-09-09 |