CVE-2020-26883
- Source
- https://cve.org/CVERecord?id=CVE-2020-26883
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-26883.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-26883
- Aliases
- Published
- 2020-11-06T14:15:16.317Z
- Modified
- 2026-04-10T04:26:34.425858Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents.
- References
Affected packages
Git / github.com/playframework/playframework
Affected ranges
- Type
- GIT
- Repo
- https://github.com/playframework/playframework
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroducedLast affectedIntroducedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "2.6.25" }, { "introduced": "2.7.0" }, { "last_affected": "2.7.5" }, { "introduced": "2.8.0" }, { "last_affected": "2.8.2" } ] }
Affected versions
2.*
2.0
2.0-RC1
2.0-RC2
2.0-RC3
2.0-RC4
2.0-RC5
2.0-beta
2.1-RC1
2.1-RC2
2.1-RC3
2.2.0-M1
2.2.0-M2
2.2.0-M3
2.2.0-RC1
2.3-M1
2.3.0-RC1
2.4.0-M1
2.4.0-M2
2.4.0-M3
2.4.0-RC1
2.4.0-RC2
2.4.0-RC3
2.5.0
2.5.0-M1
2.5.0-M2
2.5.0-RC1
2.5.0-RC2
2.6.0
2.6.0-M1
2.6.0-M2
2.6.0-M3
2.6.0-M4
2.6.0-M5
2.6.0-RC1
2.6.0-RC2
2.6.1
2.6.10
2.6.11
2.6.12
2.6.13
2.6.14
2.6.15
2.6.16
2.6.17
2.6.18
2.6.19
2.6.2
2.6.20
2.6.21
2.6.22
2.6.23
2.6.24
2.6.25
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8
2.6.9
2.7.0
2.7.1
2.7.2
2.7.3
2.7.4
2.7.5
2.8.0
2.8.1
2.8.2