VYPR

Fs2

by Typelevel

Source repositories

CVEs (2)

  • CVE-2025-58369MedSep 5, 2025
    risk 0.27cvss 5.3epss 0.00

    fs2 is a compositional, streaming I/O library for Scala. Versions up to and including 2.5.12, 3.0.0-M1 through 3.12.2, and 3.13.0-M1 through 3.13.0-M6 are vulnerable to denial of service attacks though TLS sessions using fs2-io on the JVM using the fs2.io.net.tls package. When…

  • CVE-2022-31183Aug 1, 2022
    risk 0.00cvss epss 0.01

    fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode `TLSSocket` using `fs2-io` on Node.js, the parameter `requestCert = true` is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to:…