Vulnerabilities > Pivotal Software > Pivotal Application Service > 1.12.14

DATE CVE VULNERABILITY TITLE RISK
2018-07-24 CVE-2018-11044 Improper Input Validation vulnerability in Pivotal Software Pivotal Application Service
Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not escape all user-provided content when sending invitation emails.
network
low complexity
pivotal-software CWE-20
6.5
6.5
2018-05-11 CVE-2018-1278 Incorrect Authorization vulnerability in Pivotal Software Pivotal Application Service
Apps Manager included in Pivotal Application Service, versions 1.12.x prior to 1.12.22, 2.0.x prior to 2.0.13, and 2.1.x prior to 2.1.4 contains an authorization enforcement vulnerability.
network
low complexity
pivotal-software CWE-863
6.5
6.5