VYPR

Maven package

com.softwaremill.akka-http-session/core_2.12

pkg:maven/com.softwaremill.akka-http-session/core_2.12

Vulnerabilities (2)

  • CVE-2020-28452MedJan 20, 2021
    affected >= 0.3.0, < 0.6.1fixed 0.6.1

    This affects the package com.softwaremill.akka-http-session:core_2.12 from 0 and before 0.6.1; all versions of package com.softwaremill.akka-http-session:core_2.11; the package com.softwaremill.akka-http-session:core_2.13 from 0 and before 0.6.1. CSRF protection can be bypassed b

  • CVE-2020-7780MedNov 27, 2020
    affected < 0.5.11fixed 0.5.11

    This affects the package com.softwaremill.akka-http-session:core_2.13 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.11 before 0.5.11. For older versions, endpoints protected by randomTo