Approved changes feed: RSS · Atom

cpe:2.3:a:lightbend:play_framework:2.3.4:*:*:*:*:*:*:*

part: a version: 2.3.4 update: *

VendorLightbend (eeba8d5c-f0b3-5068-b0af-843cc375ab14)
ProductPlay Framework (5ad058f8-c0c3-5e57-8cce-8b901055bcb7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/playframework/playframework purl2cpe 2026-06-01 10:16:12.993461

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2015-2156 vulnerable 2026-06-08 05:06:27.589767 Details available
Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.
Published: 2017-10-18T15:00:00.000Z
Updated: 2024-08-06T05:10:14.283Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3630 vulnerable 2026-06-08 05:05:41.932675 Details available
XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data.
Published: 2017-12-29T22:00:00.000Z
Updated: 2024-08-06T10:50:17.931Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.