CVE-2019-3781
- Source
- https://cve.org/CVERecord?id=CVE-2019-3781
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-3781.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-3781
- Downstream
- Related
- Published
- 2019-03-07T18:29:00.587Z
- Modified
- 2026-04-11T20:51:56.495680Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs may gain part or all of a users password.
- References
Affected packages
Git / github.com/cloudfoundry/cli
Affected ranges
- Type
- GIT
- Repo
- https://github.com/cloudfoundry/cli
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "cpe": "cpe:2.3:a:cloudfoundry:command_line_interface:*:*:*:*:*:*:*:*", "source": "CPE_FIELD", "extracted_events": [ { "introduced": "0" }, { "fixed": "6.43.0" } ] }
Affected versions
Other
push
st
v9000
v9001
v0.*
v0.0.1.alpha
v6.*
v6.0.0
v6.0.0-beta
v6.0.0-beta2
v6.0.1234
v6.1.0
v6.1.1
v6.1.2
v6.10.0
v6.11.0
v6.11.1
v6.11.2
v6.11.3
v6.12.0
v6.12.1
v6.12.2
v6.12.3
v6.12.4
v6.13.0
v6.14.0
v6.14.1
v6.15.0
v6.16.0
v6.17.0
v6.17.1
v6.18.0
v6.18.1
v6.19.0
v6.2.0
v6.20.0
v6.21.0
v6.21.1
v6.22.1
v6.23.0
v6.23.1
v6.24.0
v6.25.0
v6.26.0
v6.27.0
v6.28.0
v6.29.0
v6.29.1
v6.29.2
v6.3.0
v6.3.1
v6.3.2
v6.30.0
v6.31.0
v6.32.0
v6.33.0
v6.33.1
v6.34.0
v6.34.1
v6.35.0
v6.35.1
v6.35.2
v6.36.0
v6.36.1
v6.37.0
v6.38.0
v6.39.0
v6.39.1
v6.4.0
v6.40.0
v6.40.1
v6.41.0
v6.42.0
v6.5.0
v6.5.1
v6.6.0
v6.6.1
v6.6.2
v6.7.0
v6.8.0
v6.9.0