CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7780

This affects the package com.softwaremill.akka-http-session:core_2.13 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.11 before 0.5.11. For older versions, endpoints protected by randomTokenCsrfProtection could be bypassed with an empty X-XSRF-TOKEN header and an empty XSRF-TOKEN cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.8%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 6.8

References

Products affected by CVE-2020-7780

Softwaremill » Akka-Http-Session » Version: 0.1

cpe:2.3:a:softwaremill:akka-http-session:0.1
Softwaremill » Akka-Http-Session » Version: 0.1.2

cpe:2.3:a:softwaremill:akka-http-session:0.1.2
Softwaremill » Akka-Http-Session » Version: 0.1.3

cpe:2.3:a:softwaremill:akka-http-session:0.1.3
Softwaremill » Akka-Http-Session » Version: 0.1.4

cpe:2.3:a:softwaremill:akka-http-session:0.1.4
Softwaremill » Akka-Http-Session » Version: 0.2.0

cpe:2.3:a:softwaremill:akka-http-session:0.2.0
Softwaremill » Akka-Http-Session » Version: 0.2.1

cpe:2.3:a:softwaremill:akka-http-session:0.2.1
Softwaremill » Akka-Http-Session » Version: 0.2.2

cpe:2.3:a:softwaremill:akka-http-session:0.2.2
Softwaremill » Akka-Http-Session » Version: 0.2.3

cpe:2.3:a:softwaremill:akka-http-session:0.2.3
Softwaremill » Akka-Http-Session » Version: 0.2.4

cpe:2.3:a:softwaremill:akka-http-session:0.2.4
Softwaremill » Akka-Http-Session » Version: 0.2.6

cpe:2.3:a:softwaremill:akka-http-session:0.2.6
Softwaremill » Akka-Http-Session » Version: 0.2.7

cpe:2.3:a:softwaremill:akka-http-session:0.2.7
Softwaremill » Akka-Http-Session » Version: 0.3.0

cpe:2.3:a:softwaremill:akka-http-session:0.3.0
Softwaremill » Akka-Http-Session » Version: 0.4.0

cpe:2.3:a:softwaremill:akka-http-session:0.4.0
Softwaremill » Akka-Http-Session » Version: 0.5.0

cpe:2.3:a:softwaremill:akka-http-session:0.5.0
Softwaremill » Akka-Http-Session » Version: 0.5.10

cpe:2.3:a:softwaremill:akka-http-session:0.5.10
Softwaremill » Akka-Http-Session » Version: 0.5.11

cpe:2.3:a:softwaremill:akka-http-session:0.5.11
Softwaremill » Akka-Http-Session » Version: 0.5.2

cpe:2.3:a:softwaremill:akka-http-session:0.5.2
Softwaremill » Akka-Http-Session » Version: 0.5.4

cpe:2.3:a:softwaremill:akka-http-session:0.5.4
Softwaremill » Akka-Http-Session » Version: 0.5.5

cpe:2.3:a:softwaremill:akka-http-session:0.5.5
Softwaremill » Akka-Http-Session » Version: 0.5.6

cpe:2.3:a:softwaremill:akka-http-session:0.5.6
Softwaremill » Akka-Http-Session » Version: 0.5.7

cpe:2.3:a:softwaremill:akka-http-session:0.5.7
Softwaremill » Akka-Http-Session » Version: 0.5.8

cpe:2.3:a:softwaremill:akka-http-session:0.5.8
Softwaremill » Akka-Http-Session » Version: 0.5.9

cpe:2.3:a:softwaremill:akka-http-session:0.5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7780

Products

Pricing

Contact Us