Latest Vulnerabilities Affecting Pivotal Software products

Date CVE Title CVSS
2019-05-06 CVE-2019-3797 Information Leak / Disclosure vulnerability in Pivotal Software Spring Data Java Persistence API 1.11.0/2.0.0/2.1.0 Medium
2019-05-06 CVE-2019-3799 Path Traversal vulnerability in Pivotal Software Spring Cloud Config 1.4.0/2.0.0/2.1.0 Medium
2019-04-24 CVE-2019-3793 Authentication Issues vulnerability in Pivotal Software Application Service 665.0.0/666.0.0/667.0.0 Medium
2019-04-09 CVE-2019-3795 Insufficient Entropy in PRNG vulnerability in Pivotal Software Spring Security Medium
2019-04-01 CVE-2019-3792 SQL Injection vulnerability in Pivotal Software Concourse 4.2.3/5.0.0 Medium
2019-03-07 CVE-2019-3777 Improper Certificate Validation vulnerability in Pivotal Software Application Service 2.2.0/2.3.0/2.4.0 Medium
2019-03-07 CVE-2019-3778 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pivotal Software Spring Security Oauth Medium
2019-03-07 CVE-2019-3776 Cross-Site Scripting (XSS) vulnerability in Pivotal Software Operations Manager Low
2019-01-18 CVE-2019-3773 Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Pivotal Software Spring WEB Services 2.4.3 High
2019-01-18 CVE-2019-3774 Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Pivotal Software Spring Batch 3.0.9/4.1.0 High
2019-01-18 CVE-2019-3772 Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Oracle and Pivotal Software products High
2019-01-12 CVE-2019-3803 Information Leak / Disclosure vulnerability in Pivotal Software Concourse 4.2.2 Medium
2018-12-19 CVE-2018-15801 Insufficient Verification of Data Authenticity vulnerability in Pivotal Software Spring Framework 5.1.0 Medium
2018-12-19 CVE-2018-15798 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pivotal Software Concourse 4.0.0 Medium
2018-12-13 CVE-2018-15754 Credentials Management vulnerability in Pivotal Software Cloud Foundry UAA Release 60.0 Medium