Vulnerabilities > Lightbend > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-05 | CVE-2019-17598 | Inadequate Encryption Strength vulnerability in Lightbend Play Framework An issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. | 4.3 |
| 2018-10-31 | CVE-2018-18854 | Resource Exhaustion vulnerability in Lightbend Spray-Json Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of many JSON object fields (with keys that have the same hash code). | 5.0 |
| 2018-10-31 | CVE-2018-18853 | Resource Exhaustion vulnerability in Lightbend Spray-Json Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of a field composed of many decimal digits. | 5.0 |
| 2018-08-29 | CVE-2018-16115 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Lightbend Akka Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. | 6.4 |
| 2018-07-17 | CVE-2018-13864 | Path Traversal vulnerability in Lightbend Play Framework A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. | 5.0 |