Search for packages
| purl | pkg:maven/com.typesafe.play/play@2.6.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-378h-ypwm-f7hn
Aliases: CVE-2020-26882 GHSA-r8rm-4hfj-2x87 |
Uncontrolled Recursion In Play Framework 2.6.0 through 2.8.2, data amplification can occur when an application accepts multipart/form-data JSON input. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-r21j-tf23-vuh2
Aliases: CVE-2020-27196 GHSA-h48w-c35p-6m8x |
Out-of-bounds Write An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON payloads) causes a StackOverflowError and Denial of Service. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-z911-wjbu-kfcf
Aliases: CVE-2020-26883 GHSA-p8p6-rcp6-4mrm |
Uncontrolled Recursion In Play Framework, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:41:29.708720+00:00 | GitLab Importer | Affected by | VCID-z911-wjbu-kfcf | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.play/play/CVE-2020-26883.yml | 38.6.0 |
| 2026-06-02T04:41:28.900484+00:00 | GitLab Importer | Affected by | VCID-378h-ypwm-f7hn | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.play/play/CVE-2020-26882.yml | 38.6.0 |
| 2026-06-02T04:41:28.055677+00:00 | GitLab Importer | Affected by | VCID-r21j-tf23-vuh2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.play/play/CVE-2020-27196.yml | 38.6.0 |