6 matches found
Security Bulletin: akka-http-core Vulnerability Affects IBM Watson Machine Learning on CP4D (CVE-2021-23339)
Summary akka-http-core allows is vulnerable to allow multiple Transfer-Encoding headers on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-23339 DESCRIPTION: com.typesafe.akka:akka-http-core is vulnerable to request smuggling, caused by improper validation of request. By...
CVE-2021-23339
This affects all versions before 10.1.14 and from 10.2.0 to 10.2.4 of package com.typesafe.akka:akka-http-core. It allows multiple Transfer-Encoding headers...
CVE-2021-23339
This affects all versions before 10.1.14 and from 10.2.0 to 10.2.4 of package com.typesafe.akka:akka-http-core. It allows multiple Transfer-Encoding headers...
biz.lobachev.annette:api-gateway-core_2.13 (=0.3.0), biz.lobachev.annette:application-api-gateway_2.13 (=0.3.0) +456 more potentially affected by CVE-2021-23339 via com.typesafe.akka:akka-http-core_2.13 (>=10.2.0 <=10.2.3)
com.typesafe.akka:akka-http-core2.13 MAVEN version =10.2.0, =10.2.3 is affected by a known vulnerability. The following packages have a transitive dependency on com.typesafe.akka:akka-http-core2.13 and may be impacted: - biz.lobachev.annette:api-gateway-core2.13 =0.3.0 -...
be.objectify:deadbolt-java_2.13 (=2.8.0), be.objectify:deadbolt-scala_2.13 (=2.8.0) +470 more potentially affected by CVE-2021-23339 via com.typesafe.akka:akka-http-core_2.13 (>=10.1.10 <=10.1.13)
com.typesafe.akka:akka-http-core2.13 MAVEN version =10.1.10, =0.1.2, =0.1.2, =0.2.0, =0.1.2, =0.1.2, =0.1.2, =0.1.2, =0.2.0, =0.1.2, =0.1.2, =0.4.0, =0.4.0, =0.4.0, =0.5.1 and more Source cves: CVE-2021-23339 Source advisory: SNYK:JAVA-COMTYPESAFEAKKA-2315412...
ch.megard:akka-http-cors_2.12 (>=1.1.0 <=1.2.0), com.avast.grpc:grpc-json-bridge-akkahttp_2.12 (>=0.18.1 <=0.19.0) +242 more potentially affected by CVE-2021-23339 via com.typesafe.akka:akka-http-core_2.12 (>=10.2.0 <=10.2.3)
com.typesafe.akka:akka-http-core2.12 MAVEN version =10.2.0, =1.1.0, =0.18.1, =5.6.1, =1.0.16, =1.0.16, =1.0.16, =1.8.0, =7.0, =0.1.22, =2.0.0, =1.3.0, =1.3.0, =0.7.1, =2.2.6, =2.4.0 and more Source cves: CVE-2021-23339 Source advisory: SNYK:JAVA-COMTYPESAFEAKKA-2315411...