Scala
Monthly
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
{USER:shared}/scalac-compile-server-port,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
{USER:shared}/scalac-compile-server-port,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.