This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Pivotal Software | First view | 2018-06-06 |
| Product | Cloud Foundry Diego | Last view | 2018-06-06 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:pivotal_software:cloud_foundry_diego:*:*:*:*:*:*:*:* | 1 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.2 | 2018-06-06 | CVE-2018-1265 | Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego Cell. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-434 | Unrestricted Upload of File with Dangerous Type |
