Cryptographically Weak Pseudo-Random Number Generator (PRNG) in akka-actor

Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS both classic and Artery Remoting. Akka allows configuration of custom random number generators. For historical reasons, Akka included t...

GHSA-MR95-9RR4-668F Cryptographically Weak Pseudo-Random Number Generator (PRNG) in akka-actor

Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS both classic and Artery Remoting. Akka allows configuration of custom random number generators. For historical reasons, Akka included t...

CVE-2018-16115

CVE-2018-16115 affects Lightbend Akka 2.5.x prior to 2.5.16, where an RNG bug in AES128CounterSecureRNG/AES256CounterSecureRNG used in Akka Remoting (TLS for classic and Artery) can cause repeated random numbers. This enables an attacker to eavesdrop, replay, or modify messages in Akka Remoting/C...

Akka Remoting Component Remote Code Execution Vulnerability

Akka is an open source toolkit for building highly concurrent and distributed message-driven applications.Remoting component is one of the remote interaction component. A security vulnerability exists in the Remoting component in Akka versions 2.4.16 and earlier and 2.5-M1. A remote attacker can...