CVE-2018-13864 - Path traversal vulnerability in Play assets controller

[James Roper]

A path travernsal vulnerability has been found in the Play Assets controller when running on Windows.

This affects Play 2.6.12 through to 2.6.15, and is fixed in Play 2.6.16.

For details on this vulnerability, please see the advisory on the Play website:

https://www.playframework.com/security/vulnerability/CVE-2018-13864-PathTraversal

--

James Roper
Senior Developer, Office of the CTO

Lightbend – Build reactive apps!
Twitter: @jroper