{"id":"CVE-2016-0780","details":"It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not properly enforce disk quotas in certain cases. An attacker could use an improper disk quota value to bypass enforcement and consume all the disk on DEAs/CELLs causing a potential denial of service for other applications.","modified":"2026-04-10T03:45:55.682668Z","published":"2017-05-25T17:29:00.520Z","references":[{"type":"ADVISORY","url":"https://pivotal.io/security/cve-2016-0780"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cloudfoundry/cf-release","events":[{"introduced":"0"},{"last_affected":"9e31b98e104825c136d96a711bec2135f4a6ed33"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"231"}]}},{"type":"GIT","repo":"https://github.com/cloudfoundry/uaa","events":[{"introduced":"0"},{"last_affected":"c949d79a23f9311576b19061b1e5a15c4e42a89a"},{"introduced":"0"},{"last_affected":"876859d5695f302f2a6e571596cd5c0fbe3dddcc"},{"introduced":"0"},{"last_affected":"05f39ead8122b80b70c77fd921367f099f52df0d"},{"introduced":"0"},{"last_affected":"955751a4848f8d523679d519a490a7d6b5c59bee"},{"introduced":"0"},{"last_affected":"b0c191d9bc0c3cdcbad8ab74b6098777378e836e"},{"introduced":"0"},{"last_affected":"ae59bf11fec166fd075b1dbead2ae16effa57e3f"},{"introduced":"0"},{"last_affected":"96b1fc8e3a982b6f478e363f3919a4a16e0a6a92"},{"introduced":"0"},{"last_affected":"58caa488fe3cc30f745b9f5079c42141d606436b"},{"introduced":"0"},{"last_affected":"e0080f861db5b30c0793973e5c4fff7153040ecb"},{"introduced":"0"},{"last_affected":"bb75c2730c921667652b4589d67bec2246b1f306"},{"introduced":"0"},{"last_affected":"cde7ba5da9b64cb45bd64c61c6fb2899bbc3e0f2"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.5.0"},{"introduced":"0"},{"last_affected":"1.5.1"},{"introduced":"0"},{"last_affected":"1.5.2"},{"introduced":"0"},{"last_affected":"1.5.3"},{"introduced":"0"},{"last_affected":"1.5.4"},{"introduced":"0"},{"last_affected":"1.6.0"},{"introduced":"0"},{"last_affected":"1.6.1"},{"introduced":"0"},{"last_affected":"1.6.2"},{"introduced":"0"},{"last_affected":"1.6.3"},{"introduced":"0"},{"last_affected":"1.6.4"},{"introduced":"0"},{"last_affected":"1.6.5"}]}}],"versions":["-","1.0.1","1.0.3","1.1","1.1.1","1.1.2","1.2.0","1.2.6","1.4.0","1.4.1","1.4.2","1.4.3","1.4.5","1.4.6","1.4.7","1.5.0","1.5.1","1.5.2","1.5.2.1","1.5.3","1.5.4","1.5.4.1","1.6.0","1.6.1","1.6.2","1.6.3","1.6.4","1.6.5","list","log","rc145.0","scotty_09012012","v100","v102","v103","v104","v105","v109","v119","v132","v133","v134","v135","v136","v137","v140","v143","v156","v157","v161","v170","v183","v205","v231","v99","works-for-us"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0780.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.5.5"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.6"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.7"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.8"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.9"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.10"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.11"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.12"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.13"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.14"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.15"}]},{"events":[{"introduced":"0"},{"last_affected":"1.5.16"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.6"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.7"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.8"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.9"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.10"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.11"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.12"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.13"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.14"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.15"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.16"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.17"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}