Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0643

Malware in sbrugna...

9.1CVSS9.2AI score0.01186EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-35750

Malicious code in bioql PyPI...

7.5CVSS7.8AI score0.00645EPSS
Exploits0References2
NVD
NVD
added 2023/05/11 2:15 a.m.22 views

CVE-2023-31442

In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...

7.5CVSS7.5AI score0.00645EPSS
Exploits0References2
Prion
Prion
added 2023/05/11 2:15 a.m.18 views

Design/Logic Flaw

In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...

5CVSS7.4AI score0.00645EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/05/11 12:0 a.m.11 views

CVE-2023-31442

In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...

7.5AI score0.00645EPSS
Exploits0References2
OSV
OSV
added 2018/10/22 8:37 p.m.1 views

GHSA-9QGC-P27W-3HJG High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.5CVSS7.1AI score0.03054EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2018/10/22 8:37 p.m.25 views

High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.8CVSS5.1AI score0.03054EPSS
Exploits0References6Affected Software2
NVD
NVD
added 2018/08/30 1:29 p.m.19 views

CVE-2018-16131

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.8CVSS7.4AI score0.03054EPSS
Exploits0References4
OSV
OSV
added 2018/08/30 1:29 p.m.14 views

CVE-2018-16131

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.5CVSS6.8AI score
Exploits0References4
Prion
Prion
added 2018/08/30 1:29 p.m.14 views

Design/Logic Flaw

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.8CVSS7.3AI score0.03054EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/08/30 1:0 p.m.16 views

CVE-2018-16131

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.3AI score0.03054EPSS
Exploits0References4
CVE
CVE
added 2018/08/30 1:0 p.m.79 views

CVE-2018-16131

The CVE-2018-16131 issue affects Lightbend Akka HTTP, specifically the decodeRequest and decodeRequestWith directives in Akka HTTP 10.0.x (up to 10.0.13) and 10.1.x (up to 10.1.4). The root cause is that these directives allow decompression of unbounded input, enabling a ZIP bomb to cause a denia...

7.8CVSS7.2AI score0.03054EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2018/08/29 10:29 p.m.12 views

CVE-2018-16115

Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS both classic and Artery Remoting. Akka allows configuration of custom random number generators. For historical reasons, Akka included t...

9.1CVSS6.6AI score
Exploits0References1
NVD
NVD
added 2018/08/29 10:29 p.m.17 views

CVE-2018-16115

Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS both classic and Artery Remoting. Akka allows configuration of custom random number generators. For historical reasons, Akka included t...

9.1CVSS9AI score0.01186EPSS
Exploits0References1
CVE
CVE
added 2018/08/29 10:0 p.m.88 views

CVE-2018-16115

CVE-2018-16115 affects Lightbend Akka 2.5.x prior to 2.5.16, where an RNG bug in AES128CounterSecureRNG/AES256CounterSecureRNG used in Akka Remoting (TLS for classic and Artery) can cause repeated random numbers. This enables an attacker to eavesdrop, replay, or modify messages in Akka Remoting/C...

9.1CVSS8.9AI score0.01186EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/08/29 10:0 p.m.26 views

CVE-2018-16115

Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS both classic and Artery Remoting. Akka allows configuration of custom random number generators. For historical reasons, Akka included t...

9.1AI score0.01186EPSS
Exploits0References1
Rows per page
Query Builder