Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:6 p.m.10 views

CVE-2021-42697

Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments...

7.5CVSS6.8AI score0.36139EPSS
Exploits5
vulnersOsv
vulnersOsv
added 2022/05/24 7:19 p.m.7 views

com.github.swagger-akka-http:swagger-akka-http_2.13.0-RC3 (=2.0.3), com.typesafe.akka:akka-http-caching_2.13.0-RC3 (=10.1.8) +13 more potentially affected by CVE-2021-42697 via com.typesafe.akka:akka-http-core_2.13.0-RC3 (=10.1.8)

com.typesafe.akka:akka-http-core2.13.0-RC3 MAVEN version =10.1.8 is affected by a known vulnerability. The following packages have a transitive dependency on com.typesafe.akka:akka-http-core2.13.0-RC3 and may be impacted: - com.github.swagger-akka-http:swagger-akka-http2.13.0-RC3 =2.0.3 -...

7.5CVSS7.1AI score0.36139EPSS
Exploits5
vulnersOsv
vulnersOsv
added 2022/05/24 7:19 p.m.6 views

ai.mantik:bridge-protocol_2.13 (>=0.4.0 <=0.4.0-rc1), ai.mantik:componently_2.13 (>=0.4.0 <=0.4.0-rc1) +607 more potentially affected by CVE-2021-42697 via com.typesafe.akka:akka-http-core_2.13 (>=10.2.0-M1 <=10.2.6)

com.typesafe.akka:akka-http-core2.13 MAVEN version =10.2.0-M1, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0-rc1 and more Source cves: CVE-2021-42697 Source advisory: OSV:GHSA-3HW2-H67C-WQ66...

7.5CVSS7.1AI score0.36139EPSS
Exploits5
vulnersOsv
vulnersOsv
added 2022/05/24 7:19 p.m.4 views

be.objectify:deadbolt-java_2.13 (=2.8.0), be.objectify:deadbolt-scala_2.13 (=2.8.0) +488 more potentially affected by CVE-2021-42697 via com.typesafe.akka:akka-http-core_2.13 (>=10.1.10 <=10.1.14)

com.typesafe.akka:akka-http-core2.13 MAVEN version =10.1.10, =0.1.2, =0.1.2, =0.2.0, =0.1.2, =0.1.2, =0.1.2, =0.1.2, =0.2.0, =0.1.2, =0.1.2, =0.4.0, =0.4.0, =0.4.0, =0.5.1 and more Source cves: CVE-2021-42697 Source advisory: OSV:GHSA-3HW2-H67C-WQ66...

7.5CVSS7.1AI score0.36139EPSS
Exploits5
vulnersOsv
vulnersOsv
added 2022/05/24 7:19 p.m.7 views

ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), ai.lum:odinson-rest-api_2.12 (>=0.3.1 <=0.5.0) +599 more potentially affected by CVE-2021-42697 via com.typesafe.akka:akka-http-core_2.12 (>=10.1.0 <=10.1.14)

com.typesafe.akka:akka-http-core2.12 MAVEN version =10.1.0, =0.3.0, =0.3.1, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.0, =0.3.1-rc1 and more Source cves: CVE-2021-42697 Source advisory: OSV:GHSA-3HW2-H67C-WQ66...

7.5CVSS7.1AI score0.36139EPSS
Exploits5
0day.today
0day.today
added 2022/05/11 12:0 a.m.139 views

Akka HTTP 10.1.14 - Denial of Service Exploit

Exploit Title: Akka HTTP Denial of Service via Nested Header Comments Exploit Author: cxosmo Vendor Homepage: https://akka.io Software Link: https://github.com/akka/akka-http Version: Akka HTTP 10.1.x 10.1.15 & 10.2.x 10.2.7 Tested on: Akka HTTP 10.2.4, Ubuntu CVE : CVE-2021-42697 import argparse...

7.5CVSS7.5AI score0.36139EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.249 views

Akka HTTP 10.1.14 - Denial of Service

Exploit Title: Akka HTTP Denial of Service via Nested Header Comments Date: 18/4/2022 Exploit Author: cxosmo Vendor Homepage: https://akka.io Software Link: https://github.com/akka/akka-http Version: Akka HTTP 10.1.x 10.1.15 & 10.2.x 10.2.7 Tested on: Akka HTTP 10.2.4, Ubuntu CVE : CVE-2021-42697...

7.5CVSS7.8AI score0.36139EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.205 views

Akka HTTP 10.1.14 Denial Of Service

Exploit Title: Akka HTTP Denial of Service via Nested Header Comments Date: 18/4/2022 Exploit Author: cxosmo Vendor Homepage: https://akka.io Software Link: https://github.com/akka/akka-http Version: Akka HTTP 10.1.x 10.1.15 & 10.2.x 10.2.7 Tested on: Akka HTTP 10.2.4, Ubuntu CVE : CVE-2021-42697...

7.5CVSS0.36139EPSS
Exploits5
GithubExploit
GithubExploit
added 2022/04/24 5:51 a.m.441 views

Exploit for Uncontrolled Recursion in Akka Http_Server

Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can enc...

7.5CVSS7.6AI score0.36139EPSS
Exploits5
Circl
Circl
added 2021/11/03 1:23 a.m.8 views

CVE-2021-42697

creationtimestamp| type| source ---|---|--- 2021-11-03 01:23:11+00:00| seen| https://t.me/cibsecurity/31672...

7.5CVSS7.3AI score0.36139EPSS
Exploits5References1
CVE
CVE
added 2021/11/02 9:44 p.m.86 views

CVE-2021-42697

CVE-2021-42697 affects Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7, where parsing HTTP headers can stack-exhaust and enable a remote DoS via a User-Agent header containing deeply nested comments. Root cause: stack overflow during header parsing. Public advisories (GHSA/OSV) and explo...

7.5CVSS7.3AI score0.36139EPSS
Exploits5References5Affected Software1
Rows per page
Query Builder