Hand-Picked Top-Read Stories

g5cybersecuritypostcoverdarkbluev1 Blog G5 Cyber Security

CVE-2020-27196 – An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2

March 6, 2022

An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON payloads) causes a StackOverflowError and Denial of Service.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27196

Reference (s):

https://www.playframework.com/security/vulnerability
https://www.playframework.com/security/vulnerability/CVE-2020-27196-DosViaJsonStackOverflow

CVEs

CVE-2020-27180 – konzept-ix publiXone before 2020.015 allows attackers to download files b

March 6, 2022

CVEs

CVE-2020-27212 – STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

March 6, 2022

Hand-Picked Top-Read Stories

Andrew Wheatley | The artificial intelligence and data protection conundrum

Delroy McLean | Dealing with cybersecurity

Historic Cyber workshop for the Caribbean

Trending Tags

CVE-2020-27196 – An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2

Previous Post

CVE-2020-27180 – konzept-ix publiXone before 2020.015 allows attackers to download files b

Next Post

CVE-2020-27212 – STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

CVE-2020-27196 – An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2

Previous Post

Next Post

Related Posts