CVE-2020-27196

Published: Nov 6, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON payloads) causes a StackOverflowError and Denial of Service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.playframework.com/security/vulnerability

x_refsource_MISC

https://www.playframework.com/security/vulnerability/CVE-2020-27196-DosViaJsonStackOverflow

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-27196

Description

Affected Products

References