Maven package
co.fs2/fs2-io_2.12
pkg:maven/co.fs2/fs2-io_2.12
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-58369 | Med | 5.3 | >= 3.0.0-M1, < 3.12.2 | 3.12.2 | Sep 5, 2025 | fs2 is a compositional, streaming I/O library for Scala. Versions up to and including 2.5.12, 3.0.0-M1 through 3.12.2, and 3.13.0-M1 through 3.13.0-M6 are vulnerable to denial of service attacks though TLS sessions using fs2-io on the JVM using the fs2.io.net.tls package. When es | |
| CVE-2022-31183 | — | >= 3.1.0, < 3.2.11 | 3.2.11 | Aug 1, 2022 | fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode `TLSSocket` using `fs2-io` on Node.js, the parameter `requestCert = true` is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1 |
- affected >= 3.0.0-M1, < 3.12.2fixed 3.12.2
fs2 is a compositional, streaming I/O library for Scala. Versions up to and including 2.5.12, 3.0.0-M1 through 3.12.2, and 3.13.0-M1 through 3.13.0-M6 are vulnerable to denial of service attacks though TLS sessions using fs2-io on the JVM using the fs2.io.net.tls package. When es
- CVE-2022-31183Aug 1, 2022affected >= 3.1.0, < 3.2.11fixed 3.2.11
fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode `TLSSocket` using `fs2-io` on Node.js, the parameter `requestCert = true` is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1