187 matches found
CVE-2023-31442
In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...
Improper Authentication
Akka.NET is vulnerable to improper authentication. The vulnerability is due to the lack of mutual TLS enforcement in Akka.Remote, which allows an attacker to connect to a TLS-enabled cluster without presenting a valid client certificate and thereby communicate with the cluster...
Akka.Remote TLS did not properly implement certificate-based authentication
Impact This is a critical network security vulnerability for Akka.Remote users who have SSL / TLS enabled on their Akka.Remote connections and were expecting certificate-based authentication to be enforced on all peers attempting to join the network. In all versions of Akka.Remote from v1.2.0 to...
GHSA-JHPV-4Q4F-43G5 Akka.Remote TLS did not properly implement certificate-based authentication
Impact This is a critical network security vulnerability for Akka.Remote users who have SSL / TLS enabled on their Akka.Remote connections and were expecting certificate-based authentication to be enforced on all peers attempting to join the network. In all versions of Akka.Remote from v1.2.0 to...
EUVD-2025-32561
Akka.Remote TLS did not properly implement certificate-based authentication...
CVE-2025-61778
Akka.NET is a .NET port of the Akka project from the Scala / Java community. In all versions of Akka.Remote from v1.2.0 to v1.5.51, TLS could be enabled via our akka.remote.dot-netty.tcp transport and this would correctly enforce private key validation on the server-side of inbound connections...
EUVD-2018-0601
Malware in sbrugna...
EUVD-2021-0909
Malware in sbrugna...
EUVD-2018-0642
Malware in sbrugna...
EUVD-2018-0565
Malware in sbrugna...
EUVD-2018-0643
Malware in sbrugna...
Akka.Remote TLS did not properly implement certificate-based authentication
This is a critical network security vulnerability for Akka.Remote users who have SSL / TLS enabled on their Akka.Remote connections and were expecting certificate-based authentication to be enforced on all peers attempting to join the network. In all versions of Akka.Remote from v1.2.0 to v1.5.51...
Akka.Remote TLS did not properly implement certificate-based authentication
This is a critical network security vulnerability for Akka.Remote users who have SSL / TLS enabled on their Akka.Remote connections and were expecting certificate-based authentication to be enforced on all peers attempting to join the network. In all versions of Akka.Remote from v1.2.0 to v1.5.51...
User Impersonation
Overview Akka.Remote is a .NET port of the popular Akka project from the Scala / Java community. Affected versions of this package are vulnerable to User Impersonation due to improper implementation of certificate-based authentication in the akka.remote.dot-netty.tcp transport. An attacker can ga...
CVE-2025-61778 Akka.Remote TLS did not properly implement certificate-based authentication
Akka.NET is a .NET port of the Akka project from the Scala / Java community. In all versions of Akka.Remote from v1.2.0 to v1.5.51, TLS could be enabled via our akka.remote.dot-netty.tcp transport and this would correctly enforce private key validation on the server-side of inbound connections...
CVE-2025-61778 Akka.Remote TLS did not properly implement certificate-based authentication
Akka.NET is a .NET port of the Akka project from the Scala / Java community. In all versions of Akka.Remote from v1.2.0 to v1.5.51, TLS could be enabled via our akka.remote.dot-netty.tcp transport and this would correctly enforce private key validation on the server-side of inbound connections...
CVE-2025-61778 Akka.Remote TLS did not properly implement certificate-based authentication
Akka.NET is a .NET port of the Akka project from the Scala / Java community. In all versions of Akka.Remote from v1.2.0 to v1.5.51, TLS could be enabled via our akka.remote.dot-netty.tcp transport and this would correctly enforce private key validation on the server-side of inbound connections...
EUVD-2022-0445
Malicious code in bioql PyPI...
EUVD-2022-1143
Malicious code in bioql PyPI...
EUVD-2025-19463
Malicious code in bioql PyPI...