Skip to main content

Akka

2 CVEs product

Monthly

CVE-2018-16115 Maven CRITICAL PATCH Act Now

Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Akka
NVD
CVSS 3.0
9.1
EPSS
1.2%
CVE-2017-1000034 Maven HIGH PATCH Act Now

Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 11.7%.

Deserialization Java RCE Akka
NVD
CVSS 3.0
8.1
EPSS
11.7%
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Akka
NVD
EPSS 12% CVSS 8.1
HIGH PATCH Act Now

Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 11.7%.

Deserialization Java RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy