Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11084 | 1 Cloudfoundry | 1 Garden-runc | 2019-10-09 | 5.5 MEDIUM | 6.5 MEDIUM |
| Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents deletion of some app environments based on file attributes. A remote authenticated malicious user may create and delete apps with crafted file attributes to cause a denial of service for new app instances or scaling up of existing apps. | |||||
| CVE-2018-1277 | 1 Cloudfoundry | 2 Cf-deployment, Garden-runc | 2018-06-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated user may push an app with a malicious Docker image that will consume more space on a Diego cell than allocated in their quota, potentially causing a DoS against the cell. | |||||