CVE-2021-23339
CVE-2021-23339 affects com.typesafe.akka:akka-http-core. The flaw allows multiple Transfer-Encoding headers, enabling HTTP Request Smuggling due to improper validation of requests. Affected versions are all before 10.1.14 and 10.2.0–10.2.4. The issue is rooted in how Transfer-Encoding is handled,...