cloudfoundry uaa-release CVE 漏洞(3)

CVE 数: 3 CPE versions: View versions table

摘要

本页列出影响 cloudfoundry uaa-release 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。

显示 133 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2026-22723 Inappropriate user token revocation due to a logic error in the token revocation endpoint implementation in Cloudfoundry UAA v77.30.0 to v78.7.0 and in Cloudfoundry Deployment v48.7.0 to v54.10.0. [email protected] 6.5 0.22% 2026-03-05 2026-06-17
CVE-2017-8031 An issue was discovered in Cloud Foundry Foundation cf-release (all versions prior to v279) and UAA (30.x versions prior to 30.6, 45.x versions prior to 45.4, 52.x versions prior to 52.1). In some cases, the UAA allows an authenticated user for a particular client to revoke client tokens for other users on the same client. This occurs only if the client is using opaque tokens or JWT tokens validated using the check_token endpoint. A malicious actor could cause denial of service. [email protected] 5.3 1.09% 2017-11-27 2026-06-16
CVE-2016-0732 The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors. [email protected] 8.8 1.15% 2017-09-07 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence