16 matches found
EUVD-2018-0643
Malware in sbrugna...
EUVD-2023-35750
Malicious code in bioql PyPI...
CVE-2023-31442
In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...
Design/Logic Flaw
In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...
CVE-2023-31442
In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...
GHSA-9QGC-P27W-3HJG High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12
The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...
High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12
The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...
CVE-2018-16131
The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...
CVE-2018-16131
The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...
Design/Logic Flaw
The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...
CVE-2018-16131
The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...
CVE-2018-16131
The CVE-2018-16131 issue affects Lightbend Akka HTTP, specifically the decodeRequest and decodeRequestWith directives in Akka HTTP 10.0.x (up to 10.0.13) and 10.1.x (up to 10.1.4). The root cause is that these directives allow decompression of unbounded input, enabling a ZIP bomb to cause a denia...
CVE-2018-16115
Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS both classic and Artery Remoting. Akka allows configuration of custom random number generators. For historical reasons, Akka included t...
CVE-2018-16115
Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS both classic and Artery Remoting. Akka allows configuration of custom random number generators. For historical reasons, Akka included t...
CVE-2018-16115
CVE-2018-16115 affects Lightbend Akka 2.5.x prior to 2.5.16, where an RNG bug in AES128CounterSecureRNG/AES256CounterSecureRNG used in Akka Remoting (TLS for classic and Artery) can cause repeated random numbers. This enables an attacker to eavesdrop, replay, or modify messages in Akka Remoting/C...
CVE-2018-16115
Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS both classic and Artery Remoting. Akka allows configuration of custom random number generators. For historical reasons, Akka included t...