NotCVE - vendor:"Lightbend" product:"Play Framework" version:" >= 2.8.0 <= 2.8.4"

Page 2 of 7 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-26883

https://notcve.org/view.php?id=CVE-2020-26883

In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents. En Play Framework versiones 2.6.0 hasta 2.8.2, el consumo de la pila puede ocurrir debido a una recursividad ilimitada durante el análisis de documentos JSON diseñados • https://www.playframework.com/security/vulnerability https://www.playframework.com/security/vulnerability/CVE-2020-26883-JsonParseUncontrolledRecursion • CWE-674: Uncontrolled Recursion •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-12480

https://notcve.org/view.php?id=CVE-2020-12480

In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that can't be parsed. En Play Framework versiones 2.6.0 hasta 2.8.1, el filtro CSRF puede ser omitido al hacer peticiones simples CORS con tipos de contenido que contienen parámetros que no pueden ser analizados. • https://www.playframework.com/security/vulnerability https://www.playframework.com/security/vulnerability/CVE-2020-12480-CsrfBlacklistBypass • CWE-352: Cross-Site Request Forgery (CSRF) •

1 2