Описание
Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticated actions using those credentials.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.9.0 (исключая)Версия до 1.11.0 (исключая)
Одно из
cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*
cpe:2.3:a:cloudfoundry:garden-runc-release:*:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00346
Низкий
8.8 High
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-215
CWE-200
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticated actions using those credentials.
EPSS
Процентиль: 57%
0.00346
Низкий
8.8 High
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-215
CWE-200