本页列出影响 cloudfoundry loggregator 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2018-1269 | Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not handle errors thrown while constructing certain http requests. A remote authenticated user may construct malicious requests to cause the traffic controller to leave dangling TCP connections, which could cause denial of service. | [email protected] | 6.5 | 1.06% | 2018-06-06 | 2024-11-21 |
| CVE-2018-1268 | Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not validate app GUID structure in requests. A remote authenticated malicious user knowing the GUID of an app may construct malicious requests to read from or write to the logs of that app. | [email protected] | 6.8 | 1.01% | 2018-06-06 | 2024-11-21 |