Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2025-22246
- EPSS 0.04%
- Published 13.05.2025 05:14:40
- Last modified 11.07.2025 15:50:39
Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key exposure in logs.
5.4
CVE-2025-22216
- EPSS 0.03%
- Published 31.01.2025 06:15:30
- Last modified 31.01.2025 18:15:38
A UAA configured with multiple identity zones, does not properly validate session information across those zones. A User authenticated against a corporate IDP can re-use their jsessionid to access other zones.
3.9
CVE-2024-38806
- EPSS 0.02%
- Published 18.07.2024 19:15:12
- Last modified 21.11.2024 09:26:50
Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0 https://github.com/cloudfoundry/cf-deployment/releases/tag/v40.17.0 , potentially resulting in users retaining access rights they should not have. This...
1