6 matches found
EUVD-2022-6107
Malicious code in bioql PyPI...
CVE-2022-31023
Play Framework is a web framework for Java and Scala. Verions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by...
Code injection
Play Framework is a web framework for Java and Scala. Verions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by...
CVE-2022-31023 Dev error stack trace leaking into prod in Play Framework
Play Framework is a web framework for Java and Scala. Verions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by...
CVE-2022-31023 Dev error stack trace leaking into prod in Play Framework
Play Framework is a web framework for Java and Scala. Verions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by...
CVE-2022-31023
CVE-2022-31023 affects Play Framework prior to 2.8.16. The issue arises when verbose error pages are shown in production due to DefaultHttpErrorHandler being used or misconfigured, potentially exposing sensitive information via exception stacks in error messages. The problem is rooted in how Play...