COOEY // HUBcompliance · community · intelligence

FAIL › dossier

VMware Tanzu vendor

3
failure events
0
zero-days
2
RCEs
3
on KEV
1
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2022-03-25 CVE-2018-1273 critical ⚡RCE ⌖KEV 95 Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution.
2022-08-25 CVE-2022-22963 high ⚡RCE ⌖KEV 65 When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
2022-03-25 CVE-2020-5410 high ⌖KEV 50 Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.