3 matches found
be.venneborg:play26-refined_2.11 (>=0.2.0 <=0.3.0), be.venneborg:play27-refined_2.11 (=0.3.0) +573 more potentially affected by CVE-2018-16115 via com.typesafe.akka:akka-actor_2.11 (>=2.5.0 <=2.5.15)
com.typesafe.akka:akka-actor2.11 MAVEN version =2.5.0, =0.2.0, =0.1.1, =1.4-P26-B3, =1.4-P26-B4 - com.andrewgapic:spark-streaming-twitch =1.0.0 and more Source cves: CVE-2018-16115 Source advisory: OSV:GHSA-MR95-9RR4-668F...
ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), ai.snips:play-mongo-bson_2.12 (>=0.5 <=0.5.1) +1141 more potentially affected by CVE-2018-16115 via com.typesafe.akka:akka-actor_2.12 (>=2.5.0 <=2.5.15)
com.typesafe.akka:akka-actor2.12 MAVEN version =2.5.0, =0.3.0, =0.5, =0.2.0, =0.1.0, =0.1.0, =0.14.0, =0.17.0 and more Source cves: CVE-2018-16115 Source advisory: OSV:GHSA-MR95-9RR4-668F...
CVE-2018-16115
CVE-2018-16115 affects Lightbend Akka 2.5.x prior to 2.5.16, where an RNG bug in AES128CounterSecureRNG/AES256CounterSecureRNG used in Akka Remoting (TLS for classic and Artery) can cause repeated random numbers. This enables an attacker to eavesdrop, replay, or modify messages in Akka Remoting/C...