CVE-2023-20882

MEDIUM 5.9

CVSS Score

5.9

EPSS Score

0.0%

EPSS Percentile

0th

In Cloud foundry routing release versions from 0.262.0 and prior to 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the currently selected backend as failed and removes it from the routing pool.

CWE	CWE-400
Vendor	n/a
Product	cloud foundry routing release
Published	May 26, 2023
Last Updated	Jan 16, 2025

Stay Ahead of the Next One

Get instant alerts for n/a cloud foundry routing release

Be the first to know when new medium vulnerabilities affecting n/a cloud foundry routing release are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / Cloud Foundry Routing release

Routing release versions from 0.262.0 and prior to 0.266.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cloudfoundry.org: https://www.cloudfoundry.org/blog/cve-2023-20882-gorouter-pruning-via-client-disconnect-resulting-in-dos/