Skip to main content

Scala

3 CVEs product

Monthly

CVE-2022-36944 Maven CRITICAL POC PATCH Act Now

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Deserialization Java Scala Scala Collection Compat +1
NVD GitHub
CVSS 3.1
9.8
EPSS
8.3%
CVE-2020-7907 HIGH This Week

In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Scala
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2017-15288 Maven HIGH PATCH This Week

{USER:shared}/scalac-compile-server-port,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Scala
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
EPSS 8% CVSS 9.8
CRITICAL POC PATCH Act Now

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Deserialization Java +3
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Scala
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

{USER:shared}/scalac-compile-server-port,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Scala
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy