{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T16:27:54.360","vulnerabilities":[{"cve":{"id":"CVE-2020-5401","sourceIdentifier":"security@pivotal.io","published":"2020-02-27T20:15:11.500","lastModified":"2024-11-21T05:34:04.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app."},{"lang":"es","value":"Cloud Foundry Routing Release, versiones anteriores a 0.197.0, contiene GoRouter, que permite a clientes maliciosos enviar encabezados no válidos, causando que las capas de almacenamiento caché rechacen a clientes legítimos posteriores que intentan acceder a la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV30":[{"source":"security@pivotal.io","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@pivotal.io","type":"Secondary","description":[{"lang":"en","value":"CWE-393"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-444"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cloudfoundry:routing_release:*:*:*:*:*:*:*:*","versionEndExcluding":"0.197.0","matchCriteriaId":"37C4488F-846E-4C30-9156-AF9957F96582"}]}]}],"references":[{"url":"https://www.cloudfoundry.org/blog/cve-2020-5401","source":"security@pivotal.io","tags":["Vendor Advisory"]},{"url":"https://www.cloudfoundry.org/blog/cve-2020-5401","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}