Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2018/10/22 8:37 p.m.24 views

High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.8CVSS5.1AI score0.03054EPSS
Exploits0References6Affected Software2
Prion
Prion
added 2018/08/30 1:29 p.m.13 views

Design/Logic Flaw

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.8CVSS7.3AI score0.03054EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2018/08/30 1:29 p.m.19 views

CVE-2018-16131

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.8CVSS7.4AI score0.03054EPSS
Exploits0References4
OSV
OSV
added 2018/08/30 1:29 p.m.13 views

CVE-2018-16131

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.5CVSS6.8AI score
Exploits0References4
Cvelist
Cvelist
added 2018/08/30 1:0 p.m.16 views

CVE-2018-16131

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service memory consumption and daemon crash via a ZIP bomb...

7.3AI score0.03054EPSS
Exploits0References4
CVE
CVE
added 2018/08/30 1:0 p.m.78 views

CVE-2018-16131

The CVE-2018-16131 issue affects Lightbend Akka HTTP, specifically the decodeRequest and decodeRequestWith directives in Akka HTTP 10.0.x (up to 10.0.13) and 10.1.x (up to 10.1.4). The root cause is that these directives allow decompression of unbounded input, enabling a ZIP bomb to cause a denia...

7.8CVSS7.2AI score0.03054EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder