Vulnerabilities > Cloudfoundry > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-03 | CVE-2022-31733 | Improper Certificate Validation vulnerability in Cloudfoundry Cf-Deployment and Diego Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. | 9.1 |
| 2022-12-27 | CVE-2018-25046 | Path Traversal vulnerability in Cloudfoundry Archiver Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | 9.1 |
| 2017-05-25 | CVE-2016-0761 | Data Processing Errors vulnerability in multiple products Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems on the host. | 10.0 |