Package impact
Maven / org.cloudfoundry.identity:cloudfoundry-identity-server
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-3189 | low | 3.7 | 3.7 | 9y ago | Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password | |||
| CVE-2018-1192 | unknown | — | — | 4y ago | Cloud Foundry UAA SessionID present in Audit Event Logs | |||
| CVE-2018-11041 | unknown | — | — | 4y ago | Cloud Foundry UAA open redirect | |||
| CVE-2018-11047 | unknown | — | — | 4y ago | Cloud Foundry UAA accepts refresh token as access token on admin endpoints | |||
| CVE-2018-15761 | unknown | — | — | 4y ago | Cloud Foundry UAA Privilege Escalation | |||
| CVE-2018-1190 | unknown | — | — | 4y ago | Pivotal Cloud Foundry UAA XSS on UAA OpenID Connect check session iframe endpoint | |||
| CVE-2018-1262 | unknown | — | — | 4y ago | UAA privilege escalation across identity zones |