Cloud Foundry Routing Improper Input Validation vulnerability
High severity
GitHub Reviewed
Published
May 18, 2021
to the GitHub Advisory Database
•
Updated May 20, 2024
Package
Affected versions
< 0.0.0-20191101214924-b1b5c44e050f
Patched versions
0.0.0-20191101214924-b1b5c44e050f
Description
Reviewed
May 17, 2021
Published to the GitHub Advisory Database
May 18, 2021
Last updated
May 20, 2024
Cloud Foundry Routing, all versions before 0.0.0-20191101214924-b1b5c44e050f, does not properly validate nonce input. A remote unauthorized malicious user could forge a route service request using an invalid nonce that will cause the Gorouter to crash.
References