First published: Tue Oct 24 2017(Updated: )
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage."
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cloudfoundry Cf-release | <216 | |
Pivotal Software Cloud Foundry Elastic Runtime | <1.7.0 | |
Pivotal Software Cloud Foundry Uaa | <2.5.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.