CVE-2016-6639

Published: Sep 18, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs directory, which might allow remote attackers to obtain sensitive information via an HTTP GET request for this file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/cloudfoundry/php-buildpack/commit/e2db3ccd4812e0c0aba20720fc51789d981aba67

x_refsource_CONFIRM

https://pivotal.io/security/cve-2016-6639

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-6639

Description

Affected Products

References