Vulnerability in Cloud Foundry Garden-runc

CVE-2018-1191

Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticated actions using those credentials.

EPSS: 0.003 (57.4th percentile) — read the EPSS interpretation.

Affected products

Cloud Foundry Garden-runc — versions Versions prior to 1.11.0

Weakness classification (CWE)

CWE-215 — Insertion of Sensitive Information Into Debugging Code

References

www.cloudfoundry.org/blog/cve-2018-1191/ (x_refsource_CONFIRM)