Pivotal Cloud Foundry Elastic Runtime vulnerabilities

CVE-2016-0715 [MEDIUM] CWE-200 CVE-2016-0715: Pivotal Cloud Foundry Elastic Runtime version 1 Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP Buildpack, Staticfile Buildpack and potentially other custom Buildpack applications vulnerable to remote inf

CVE-2016-0708 [MEDIUM] CWE-200 CVE-2016-0708: Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote di Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script