Vulnerabilities > Pivotal Software > Cloud Foundry Elastic Runtime > 1.8.6

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-29	CVE-2016-6658	Information Exposure vulnerability in multiple products Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. network low complexity cloudfoundry pivotal-software CWE-200	4.0
2017-06-13	CVE-2017-4959	Privilege Escalation vulnerability in Pivotal Cloud Foundry Elastic Runtime An issue was discovered in Pivotal PCF Elastic Runtime 1.8.x versions prior to 1.8.29 and 1.9.x versions prior to 1.9.7. network low complexity pivotal-software	6.5
2017-06-13	CVE-2017-4955	Information Exposure Through Log Files vulnerability in Pivotal Software Cloud Foundry Elastic Runtime An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x versions prior to 1.7.48, 1.8.x versions prior to 1.8.28, and 1.9.x versions prior to 1.9.5. network low complexity pivotal-software CWE-532	5.0
2017-06-13	CVE-2017-2773	Improper Input Validation vulnerability in Pivotal Software Cloud Foundry Elastic Runtime An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.60, 1.7.x versions prior to 1.7.41, 1.8.x versions prior to 1.8.23, and 1.9.x versions prior to 1.9.1. network low complexity pivotal-software CWE-20	7.5
2016-12-16	CVE-2016-6657	Open Redirect vulnerability in Pivotal Software products An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime components. network pivotal-software CWE-601	5.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.