Play Framework Inadequate Encryption Strength Vulnerability - CVE-2019-17598 - Vulnerability Database

Play Framework Inadequate Encryption Strength Vulnerability - CVE-2019-17598

High
Reference: CVE-2019-17598
Title: Play Framework Inadequate Encryption Strength Vulnerability
Overview:

An issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. When configured to make requests using an authenticated HTTP proxy play-ws may sometimes typically under high load when connecting to a target host using https expose the proxy credentials to the target host.