Search for packages
| purl | pkg:maven/com.typesafe.play/play@2.7.6 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-378h-ypwm-f7hn | Uncontrolled Recursion In Play Framework 2.6.0 through 2.8.2, data amplification can occur when an application accepts multipart/form-data JSON input. |
CVE-2020-26882
GHSA-r8rm-4hfj-2x87 |
| VCID-r21j-tf23-vuh2 | Out-of-bounds Write An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON payloads) causes a StackOverflowError and Denial of Service. |
CVE-2020-27196
GHSA-h48w-c35p-6m8x |
| VCID-z911-wjbu-kfcf | Uncontrolled Recursion In Play Framework, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents. |
CVE-2020-26883
GHSA-p8p6-rcp6-4mrm |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:41:29.721165+00:00 | GitLab Importer | Fixing | VCID-z911-wjbu-kfcf | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.play/play/CVE-2020-26883.yml | 38.6.0 |
| 2026-06-02T04:41:28.913013+00:00 | GitLab Importer | Fixing | VCID-378h-ypwm-f7hn | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.play/play/CVE-2020-26882.yml | 38.6.0 |
| 2026-06-02T04:41:28.070113+00:00 | GitLab Importer | Fixing | VCID-r21j-tf23-vuh2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.play/play/CVE-2020-27196.yml | 38.6.0 |