CVE-2020-26883

CVSS v3.1 7.5 (High)

CVSS v2.0 5 (Medium)

EPSS 0.11 % (45^th)

Affected Products 1

Advisories 1

In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents.

	CPE23	From	Up To
Lightbend Play Framework 2.6.25 and prior versions	cpe:2.3:a:lightbend:play_framework		<= 2.6.25
Lightbend Play Framework from 2.7.0 version and 2.7.5 and prior versions	cpe:2.3:a:lightbend:play_framework	>= 2.7.0	<= 2.7.5
Lightbend Play Framework from 2.8.0 version and 2.8.2 and prior versions	cpe:2.3:a:lightbend:play_framework	>= 2.8.0	<= 2.8.2