{"id":"CVE-2017-8035","details":"An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.35.0 and cf-release versions after v244 and prior to v268. A carefully crafted CAPI request from a Space Developer can allow them to gain access to files on the Cloud Controller VM for that installation.","modified":"2026-04-10T04:01:07.583146Z","published":"2017-07-25T04:29:00.257Z","references":[{"type":"ADVISORY","url":"https://www.cloudfoundry.org/cve-2017-8035/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cloudfoundry-attic/cf-release","events":[{"introduced":"1a84cd71377a1ac645f76c686156142ea0685067"},{"fixed":"befcb8a72297f8f132ee6cb4653d7d20cbd57041"}],"database_specific":{"versions":[{"introduced":"245"},{"fixed":"268"}]}},{"type":"GIT","repo":"https://github.com/cloudfoundry/capi-release","events":[{"introduced":"c952006df4174249d91e296c799ab54361822477"},{"fixed":"ae579cbaab4cfea17e5b85e4db9a83b4c8d52b23"}],"database_specific":{"versions":[{"introduced":"1.7.0"},{"fixed":"1.35.0"}]}}],"versions":["1.10.0","1.11.0","1.12.0","1.13.0","1.14.0","1.15.0","1.16.0","1.19.0","1.20.0","1.21.0","1.22.0","1.23.0","1.24.0","1.25.0","1.26.0","1.27.0","1.28.0","1.30.0","1.31.0","1.32.0","1.33.0","1.34.0","1.7.0","1.8.0","1.9.0","v245","v249","v253","v260","v262"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8035.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}