Cloud Foundry Routing (Gorouter) versions prior to 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially crafted HTTP responses that crash the Gorouters.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cloudfoundry.org/blog/cve-2020-5420 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: pivotal
Published: 2020-09-03T01:10:16.091101Z
Updated: 2024-09-17T02:06:44.110Z
Reserved: 2020-01-03T00:00:00
Link: CVE-2020-5420
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-09-03T01:15:10.857
Modified: 2024-11-21T05:34:08.187
Link: CVE-2020-5420
Redhat
No data.