Vulnerabilities > Cloudfoundry > CF Deployment > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-03 | CVE-2022-31733 | Improper Certificate Validation vulnerability in Cloudfoundry Cf-Deployment and Diego Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. | 9.1 |
| 2019-04-25 | CVE-2019-3801 | Cleartext Transmission of Sensitive Information vulnerability in Cloudfoundry Cf-Deployment Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an insecure protocol to fetch dependencies when building. | 9.8 |