Filtered by vendor Pivotal Software Subscriptions
Filtered by product Cloud Foundry Diego Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-1265 2 Cloudfoundry, Pivotal Software 2 Cf-deployment, Cloud Foundry Diego 2024-11-21 N/A
Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego Cell.