Cloud Foundry Garden-Runc vulnerabilities

CVE-2018-11084 [MEDIUM] CVE-2018-11084: Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents deletion of some app environme Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents deletion of some app environments based on file attributes. A remote authenticated malicious user may create and delete apps with crafted file attributes to cause a denial of service for new app instances or scaling up of existing apps.

CVE-2018-1277 [MEDIUM] CWE-400 CVE-2018-1277: Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Dock Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated user may push an app with a malicious Docker image that will consume more space on a Diego cell than allocated in their quota, potentially causing a DoS against the cell.

CVE-2018-1191 [HIGH] CWE-215 CVE-2018-1191: Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticated actions using those credentials.