Loading HuntDB...

GHSA-84j7-fm4m-279g

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE

Advisory Details

Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an endpoint with improper authorization. A remote authenticated malicious user with read permissions can request package information and receive a signed bit-service url that grants the user write permissions to the bit-service.

Related CVEs

Key Information

GHSA ID
GHSA-84j7-fm4m-279g
Published
May 24, 2022 10:01 PM
Last Modified
May 24, 2022 10:01 PM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 7, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.