Known vulnerabilities in the com.typesafe.akka:akka-http_2.12 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Creation of Temporary File With Insecure Permissions Affected versions of this package are vulnerable to Creation of Temporary File With Insecure Permissions such that when it accepts file uploads via the `FileUploadDirectives.fileUploadAll` directive, the temporary file it creates has too weak permissions and it is readable by other users on Linux or UNIX. Note: This issue is similar to CVE-2022-41946. How to fix Creation of Temporary File With Insecure Permissions? Upgrade `com.typesafe.akka:akka-http_2.12` to version 10.5.2 or higher.	[,10.5.2)

Creation of Temporary File With Insecure Permissions

Affected versions of this package are vulnerable to Creation of Temporary File With Insecure Permissions such that when it accepts file uploads via the FileUploadDirectives.fileUploadAll directive, the temporary file it creates has too weak permissions and it is readable by other users on Linux or UNIX.

Note: This issue is similar to CVE-2022-41946.

How to fix Creation of Temporary File With Insecure Permissions?

Upgrade com.typesafe.akka:akka-http_2.12 to version 10.5.2 or higher.

[,10.5.2)

Go back to all versions of this package