SecAlerts
CVE ListPricingSign Up
pivotal logo

pivotal

Security Risk Profile

36
/100
low

Security Risk Score

Comprehensive risk assessment based on 43 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from January 14, 2014 to present

43
Total CVEs
24
Critical+High
2
Exploited
18
Unpatched

Threat Assessment

Avg CVSS
6.9
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
18
Critical/High
Risk Level
36/100
low
⚠️ 2 Active Exploits

Severity Distribution

Critical
2
High
22
Medium
17
Low
0

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
3

Age Distribution

Common Weaknesses (CWE)

1
Path Traversal
2
2
CSRF
2
3
XSS
2
4
Infoleak
2
5
SQL Injection
2

Most Affected Products

1. Cloudfoundry User Account And Authentication33
2. Pivotal Cloud Foundry Elastic Runtime29
3. Pivotal Spring Security Oauth18
4. Pivotal Elastic Runtime14
5. IBM Operational Decision Manager12

Recent Vulnerabilities

See more →
CVE-2026-2818
CVSS 8.2EPSS 0%high

Zip Slip Path Traversal in Snapshot Archive Extraction (Windows-Specific)

2/20/2026🔧 No Patch
CVE-2025-41254
CVSS 4.3medium

Spring Framework STOMP CSRF Vulnerability

10/16/2025
REDHAT-BUG-2395723
CVSS 7.0high
9/16/2025🔧 No Patch
CVE-2025-48927
CVSS 5.3EPSS 0%medium

TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability

5/28/2025⚠ Exploited
CVE-2025-30219
CVSS 6.1EPSS 0%medium

RabbitMQ has XSS Vulnerability in an Error Message in Management UI

3/25/2025
https://www.theregister.com/2025/01/23/oracle_patch_linux/
unknown

Oracle emits 603 patches, names one it wants you to worry about soon

1/23/2025⚠ Exploited🔧 No Patch
CVE-2024-22263
CVSS 8.8high

Arbitrary File Write Vulnerability in Spring Cloud Data Flow

6/19/2024🔧 No Patch
CVE-2023-34061
CVSS 7.5high

– Gorouter route pruning

1/12/2024🔧 No Patch
CVE-2023-34054
CVSS 7.5high

Reactor Netty HTTP Server Metrics DoS Vulnerability

11/28/2023
CVE-2023-34062
CVSS 7.5high
11/15/2023

Monitor pivotal in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.