Cloud Foundry
Approved changes feed: RSS · Atom
cpe:2.3:a:cloudfoundry:cloud_foundry:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Cloudfoundry (3aa6768c-437d-5100-a420-b037598cadb4) |
|---|---|
| Product | Cloud Foundry (52dc1d99-0ea4-5eb3-9284-10144ae34608) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-22727 |
vulnerable | 2026-06-03 15:15:54.031038 |
Cloud Foundry unprotected internal endpoints
HIGH (7.5)
Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information.
Published: 2026-03-17T22:45:09.247Z
Updated: 2026-03-19T03:55:20.318Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38826 |
vulnerable | 2026-06-03 14:56:19.685372 |
CVE-2024-38826 Cloud Controller Denial of Service Attack
Authenticated users can upload specifically crafted files to leak server resources. This behavior can potentially be used to run a denial of service attack against Cloud Controller.
The Cloud Foundry project recommends upgrading the following releases:
* Upgrade capi release version to 1.194.0 or greater
* Upgrade cf-deployment version to v44.1.0 or greater. This includes a patched capi release
Published: 2024-11-11T05:33:44.634Z
Updated: 2025-03-17T22:00:39.865Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.