VulnerableCode Package Details - pkg:maven/com.typesafe.play/play-java@2.7.6

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/com.typesafe.play/play-java@2.7.6

Essentials
History (2)

purl	pkg:maven/com.typesafe.play/play-java@2.7.6

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-r21j-tf23-vuh2	Out-of-bounds Write An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON payloads) causes a StackOverflowError and Denial of Service.	CVE-2020-27196 GHSA-h48w-c35p-6m8x
VCID-z911-wjbu-kfcf	Uncontrolled Recursion In Play Framework, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents.	CVE-2020-26883 GHSA-p8p6-rcp6-4mrm

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:41:31.489978+00:00	GitLab Importer	Fixing	VCID-r21j-tf23-vuh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.play/play-java/CVE-2020-27196.yml	38.6.0
2026-06-02T04:41:27.706544+00:00	GitLab Importer	Fixing	VCID-z911-wjbu-kfcf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.play/play-java/CVE-2020-26883.yml	38.6.0