com.typesafe.akka:akka-http_3@10.5.0 vulnerabilities

  • latest version

    10.5.3

  • latest non vulnerable version

  • first published

    2 years ago

  • latest version published

    1 years ago

  • licenses detected

  • package manager

  • Direct Vulnerabilities

    Known vulnerabilities in the com.typesafe.akka:akka-http_3 package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Creation of Temporary File With Insecure Permissions

    Affected versions of this package are vulnerable to Creation of Temporary File With Insecure Permissions such that when it accepts file uploads via the FileUploadDirectives.fileUploadAll directive, the temporary file it creates has too weak permissions and it is readable by other users on Linux or UNIX.

    Note: This issue is similar to CVE-2022-41946.

    How to fix Creation of Temporary File With Insecure Permissions?

    Upgrade com.typesafe.akka:akka-http_3 to version 10.5.2 or higher.

    [,10.5.2)