com.typesafe.play:play_2.12

Maven4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting com.typesafe.play:play_2.12page 1 of 1

CVE-2018-13864HIGHCVSS 7.5EG 7.5✓ Fixed in 2.6.16
2018-07-17
vulnerable: 2.6.12, 2.6.13, 2.6.14, 2.6.15
A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. It allows a remote attacker to download arbitrary files from the target server v…
CVE-2020-12480MEDIUMCVSS 6.5EG 6.5✓ Fixed in 2.8.2
2020-08-17
vulnerable: 2.8.0, 2.8.1
In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that can't be parsed.
CVE-2022-31018HIGHCVSS 7.5EG 7.5✓ Fixed in 2.8.16
2022-06-02
vulnerable: 2.8.10 ... 2.8.9-RC1 (15 versions)
Play Framework is a web framework for Java and Scala. A denial of service vulnerability has been discovered in verions 2.8.3 through 2.8.15 of Play's forms library, in both the Scala and Java APIs. This can occur when using either the `For…
CVE-2022-31023MEDIUMCVSS 5.9EG 5.9✓ Fixed in 2.8.16
2022-06-02
vulnerable: 2.6.0 ... 2.8.9-RC1 (78 versions)
Play Framework is a web framework for Java and Scala. Verions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework, when run in dev mode, shows verbose errors for easy debugging, i…

Check whether com.typesafe.play:play_2.12 is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for com.typesafe.play:play_2.12 CVEs against the assets you own.

Start Free Scan →