cloudfoundry/stratos

Issues

• App log streaming breaks with modern cf-deployment

  #5037 opened 2 years ago by ionphractal
  0

• Unable to Register Cloud Foundry Endpoint

  #5033 opened 2 years ago by vineethvkumar
  0

• Autoscale service NOT shown in the Application menu

  #4986 opened 3 years ago by mmavrudiev
  0

• Low Severity: Hidden Directory Detected

  #4973 opened 3 years ago by manojtyagi2021
  0

• Low Severity: Unnecessary Http Response Headers found in the Application

  #4974 opened 3 years ago by manojtyagi2021
  0

• Autoscaler tab hiding

  #4972 opened 3 years ago by msalka
  0

• Sso logout uses different endpoint

  #4949 opened 3 years ago by cache-sk
  0

• cf push failling

  #4951 opened 3 years ago by sathishbob
  0

• Missing or insecure "Content-Security-Policy" header

  #4925 opened 4 years ago by sureshhcl
  0

• Missing or insecure "X-Content-Type-Options" header

  #4926 opened 4 years ago by sureshhcl
  0

• Missing or insecure "X-XSS-Protection" header

  #4927 opened 4 years ago by sureshhcl
  0

• Usability issues on Users panel in CFMR web portal

  #4944 opened 3 years ago by MubasheerHCL
  0

• Setting "Disable session timeout" to true in Stratos does not work

  #4918 opened 4 years ago by MubasheerHCL
  0

• Low: SHA-1 cipher suites were detected

  #4963 opened 3 years ago by manojtyagi2021
  2

• Low: Permanent Cookie Contains Sensitive Session Information

  #4962 opened 3 years ago by manojtyagi2021
  2

• Low: Cookie with Insecure or Improper or Missing SameSite attribute

  #4961 opened 3 years ago by manojtyagi2021
  2

• Low: Missing or insecure HTTP Strict-Transport-Security Header

  #4960 opened 3 years ago by manojtyagi2021
  2

• Medium: Weak cipher suites were detected : Perfect Forward Secrecy is not supported

  #4959 opened 3 years ago by manojtyagi2021
  2

• Medium:Weak Cipher Suites - ROBOT Attack : Vulnerable cipher suites are supported by the server

  #4958 opened 3 years ago by manojtyagi2021
  2

• Medium: Bypass Business Logic (Web Security Vulnerability)

  #4967 opened 3 years ago by mukulk2020
  1

• CrossSiteScripting: Target blank set in HTML anchor tagsCross-Site Scripting

  #4953 opened 3 years ago by mahantsucf
  1

• Cryptography.NonStandard: Pseudorandom number generators are risky

  #4956 opened 3 years ago by mahantsucf
  1

• Configuration: CSP Protection Appears To Be Missing

  #4955 opened 3 years ago by mahantsucf
  1

• Validation.Required.URL: Potential use of variable for URL detected

  #4954 opened 3 years ago by mahantsucf
  1

• AccessControl.Bypass: MooTools Authorization Bypass For Hidden Element

  #4952 opened 3 years ago by mahantsucf
  1

• Database Error Pattern should not be displayed

  #4923 opened 4 years ago by jbuns
  2

• Dependabot can't resolve your Go dependency files

  #4937 opened 4 years ago by dependabot-preview
  0

• Config your server to use the "Content-Security-Policy" header with secure policies

  #4934 opened 4 years ago by sureshhcl
  1

• Missing "Content-Security-Policy" header

  #4933 opened 4 years ago by sureshhcl
  1

• Link to unclassified site

  #4932 opened 4 years ago by sureshhcl
  1

• Internal IP Disclosure Pattern Found

  #4931 opened 4 years ago by sureshhcl
  1

• Integer Overflow

  #4930 opened 4 years ago by sureshhcl
  1

• Email Address Pattern Found

  #4929 opened 4 years ago by sureshhcl
  1

• Application Error

  #4928 opened 4 years ago by sureshhcl
  1

• Encryption Not Enforced

  #4924 opened 4 years ago by sureshhcl
  1

• Non-admin users should not see pod metrics

  #4919 opened 4 years ago by richard-cox
  0

• PrivilegeEscalation : No non-root USER specified in Dockerfile configuration (High Severity Issue)

  #4917 opened 4 years ago by mukulk2020
  1

• CrossSiteScripting.Reflected : Insecure use of Window Open (High Severity Issue)

  #4915 opened 4 years ago by anugu-vijaykanth
  6

• Communications.Unencrypted : Open communication scheme found in code (High Severity Issue)

  #4905 opened 4 years ago by anugu-vijaykanth
  1

• CrossSiteScripting.Reflected : Insecure use of document location (High Severity Issue)

  #4909 opened 4 years ago by anugu-vijaykanth
  1

• CrossSiteScripting.Reflected : Insecure use of document write function (High Severity Issue)

  #4910 opened 4 years ago by anugu-vijaykanth
  1

• CrossSiteScripting.Reflected : Insecure use of Form Action (High Severity Issue)

  #4911 opened 4 years ago by anugu-vijaykanth
  1

• CrossSiteScripting.Reflected : Insecure use of Load or Load XML (High Severity Issue)

  #4913 opened 4 years ago by anugu-vijaykanth
  1

• CrossSiteScripting.Reflected : Insecure use of Inner/Outer Html (High Severity Issue)

  #4912 opened 4 years ago by anugu-vijaykanth
  1

• CrossSiteScripting.Reflected : Insecure use of set attributes (High Severity Issue)

  #4914 opened 4 years ago by anugu-vijaykanth
  1

• CrossSiteScripting.Reflected : JQuery Insecure Manipulation of Child Node (High Severity Issue)

  #4916 opened 4 years ago by anugu-vijaykanth
  1

• Communication misconfiguration in code

  #4904 opened 4 years ago by anugu-vijaykanth
  0

• MooTools Hardcoded Credentials In URI Object

  #4908 opened 4 years ago by anugu-vijaykanth
  1

• Hard coded password for JSON Store

  #4907 opened 4 years ago by anugu-vijaykanth
  1

• Hard coded credentials detected

  #4906 opened 4 years ago by anugu-vijaykanth
  1