CVE-2024-38826
Nov. 12, 2024, 1:55 p.m.
None
No Score
Description
Authenticated users can upload specifically crafted files to leak server resources. This behavior can potentially be used to run a denial of service attack against Cloud Controller.
The Cloud Foundry project recommends upgrading the following releases:
* Upgrade capi release version to 1.194.0 or greater
* Upgrade cf-deployment version to v44.1.0 or greater. This includes a patched capi release
Product(s) Impacted
Product | Versions |
---|---|
Cloud Foundry |
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
Tags
Timeline
Published: Nov. 11, 2024, 6:15 a.m.
Last Modified: Nov. 12, 2024, 1:55 p.m.
Last Modified: Nov. 12, 2024, 1:55 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
security@vmware.com
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.