Security Bypass Affecting com.typesafe.play:play_2.12 package, versions [2.6.0-M1,2.7.5) [2.8.0-M1,2.8.2)
19 Aug 2020
18 Aug 2020
Kevin Joensen (Doyensec)
How to fix?
Upgrade com.typesafe.play:play_2.12 to version 2.7.5, 2.8.2 or higher.
com.typesafe.play:play_2.12 is a library for building scalable web applications with Java and Scala.
Affected versions of this package are vulnerable to Security Bypass. In some situations, Play’s contentType.blackList for Cross-Site Request Forgery (CSRF) protection could be bypassed by sending a malformed Content-Type.
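
An added example (not part of the original advisory or of Play's own code): a small Python check that applies the affected ranges above to dependency coordinates, treating each range as half-open so that 2.7.5 and 2.8.2 count as fixed. The qualifier ordering (M before RC before final), the group:artifact:version input format and the sample list are assumptions made for illustration.

```python
import re

# Affected ranges taken from the advisory title, as [low, high) pairs.
AFFECTED_RANGES = [("2.6.0-M1", "2.7.5"), ("2.8.0-M1", "2.8.2")]
PACKAGE = "com.typesafe.play:play_2.12"

# Assumed ordering of pre-release qualifiers: milestone < release candidate < final.
QUALIFIER_RANK = {"m": 0, "rc": 1, "": 2}
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(M|RC)(\d+))?$", re.IGNORECASE)

def parse_version(text):
    """Turn '2.8.0-M1' into a tuple that sorts in release order."""
    match = VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised version: {text!r}")
    major, minor, patch, qualifier, number = match.groups()
    rank = QUALIFIER_RANK[(qualifier or "").lower()]
    return (int(major), int(minor), int(patch), rank, int(number or 0))

def is_affected(version):
    """True if version falls inside one of the advisory's half-open ranges."""
    parsed = parse_version(version)
    return any(parse_version(low) <= parsed < parse_version(high)
               for low, high in AFFECTED_RANGES)

def audit(coordinates):
    """Map each play_2.12 coordinate to 'affected', 'ok' or 'review'."""
    results = {}
    for coordinate in coordinates:
        package, _, version = coordinate.strip().rpartition(":")
        if package != PACKAGE:
            continue  # other artifacts are outside this advisory
        try:
            results[coordinate] = "affected" if is_affected(version) else "ok"
        except ValueError:
            results[coordinate] = "review"  # unknown format: do not assume safe
    return results

# Constructed sample input, not taken from any real project.
SAMPLE = [
    "com.typesafe.play:play_2.12:2.6.0-M1",
    "com.typesafe.play:play_2.12:2.7.5",
    "com.typesafe.play:play_2.12:2.8.0-RC1",
    "com.typesafe.play:play_2.12:2.8.2-SNAPSHOT",
    "org.example:other-lib:2.8.1",
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Versions the parser does not recognise, such as snapshots, are reported as "review" rather than "ok", so an unusual version string is never silently treated as fixed.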