Pivotal Software Cloud Foundry Elastic Runtime 1.6.44

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.44:*:*:*:*:*:*:*

part: a version: 1.6.44 update: *

VendorPivotal Software (a7eef617-cad9-5400-bbf0-2e56b16d90a7)
ProductCloud Foundry Elastic Runtime (0c19cb52-f984-577a-b242-6f3366452d83)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/cloudfoundry-attic/cf-release purl2cpe 2026-06-01 10:11:00.491672

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2017-4955 vulnerable 2026-06-03 14:37:18.001715 Details available
An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x versions prior to 1.7.48, 1.8.x versions prior to 1.8.28, and 1.9.x versions prior to 1.9.5. Several credentials were present in the logs for the Notifications errand in the PCF Elastic Runtime tile.
Published: 2017-06-13T06:00:00.000Z
Updated: 2024-08-05T14:47:44.061Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-2773 vulnerable 2026-06-03 14:37:08.972570 Details available
An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.60, 1.7.x versions prior to 1.7.41, 1.8.x versions prior to 1.8.23, and 1.9.x versions prior to 1.9.1. Incomplete validation logic in JSON Web Token (JWT) libraries can allow unprivileged attackers to impersonate other users in multiple components included in PCF Elastic Runtime, aka an "Unauthenticated JWT signing algorithm in multiple components" issue.
Published: 2017-06-13T06:00:00.000Z
Updated: 2024-08-05T14:02:07.773Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.