Vulnerabilities > Playframework

DATE	CVE	VULNERABILITY TITLE	RISK
2017-12-29	CVE-2014-3630	XXE vulnerability in multiple products XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data. network low complexity playframework lightbend CWE-611 critical	9.8
2017-10-18	CVE-2015-2156	Improper Input Validation vulnerability in multiple products Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters. network low complexity netty playframework lightbend CWE-20	7.5

Vulnerabilities > Playframework {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Playframework"}]}