2 matches found
CVE-2019-17598
An issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. When configured to make requests using an authenticated HTTP proxy, play-ws may sometimes, typically under high load, when connecting to a target host using https, expose the proxy credentials to the target host...
CVE-2019-17598
CVE-2019-17598 affects Lightbend Play Framework (2.5.x–2.6.23) and its play-ws component. When configured to proxy requests through an authenticated HTTP proxy, under high load, HTTPS connections to a target host may reveal proxy credentials to that host. Impact is information disclosure; details...