VYPR

Maven package

co.fs2/fs2-io_3

pkg:maven/co.fs2/fs2-io_3

Vulnerabilities (2)

  • CVE-2025-58369MedSep 5, 2025
    affected >= 3.0.0-M1, < 3.12.2fixed 3.12.2

    fs2 is a compositional, streaming I/O library for Scala. Versions up to and including 2.5.12, 3.0.0-M1 through 3.12.2, and 3.13.0-M1 through 3.13.0-M6 are vulnerable to denial of service attacks though TLS sessions using fs2-io on the JVM using the fs2.io.net.tls package. When es

  • CVE-2022-31183Aug 1, 2022
    affected >= 3.1.0, < 3.2.11fixed 3.2.11

    fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode `TLSSocket` using `fs2-io` on Node.js, the parameter `requestCert = true` is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1