Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cloud Controller is vulnerable to denial of service via YAML parsing
Vulnerability Description
CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.
CVSS Information
N/A
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Cloud Foundry Cloud Controller 资源管理错误漏洞
Vulnerability Description
Cloud Foundry Cloud Controller是Cloud Foundry基金会的一个用于在Cloud Foundry架构中负责与用户交互的组件。该组件负责管理app的整个生命周期,用户可通过命令行与Cloud Server 交互。 CAPI (Cloud Controller) 1.101.0 之前版本存在安全漏洞,该漏洞源于容易受到拒绝服务攻击,在拒绝服务攻击中,未经身份验证的恶意攻击者可利用该漏洞可以将特别制作的YAML文件发送到某些端点,从而导致YAML解析器消耗过多的CPU和RAM
CVSS Information
N/A
Vulnerability Type
N/A