23 matches found
netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data
A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service...
netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data
A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service...
Denial Of Service (DoS) Via Zip Bomb
akka-http is vulnerable to denial of service via a Zip Bomb. The vulnerability is caused by the application not having size limitations on decompressed data from the directives decodeRequest and decodeRequestWith or when using them in combination with directives like entityas, toStrict, or...