Lucene search
GoogleOSV:CVE-2021-42697HistoryNov 02, 2021 - 10:15 p.m.
CVE-2021-42697
2021-11-0222:15:08
Google
osv.dev
4
akka http
stack exhaustion
user-agent header
denial of service
Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments.
References
packetstormsecurity.com/files/167018/Akka-HTTP-10.1.14-Denial-Of-Service.html
akka.io/blog/
akka.io/blog/news/2021/11/02/akka-http-10.2.7-released
akka.io/blog/news/2021/11/22/akka-http-10.1.15-released
doc.akka.io/docs/akka-http/current/security/2021-CVE-2021-42697-stack-overflow-parsing-user-agent.html
Related
zdt
zdt
Akka HTTP 10.1.14 - Denial of Service Exploit
2022-05-11 00:00:00
osv
osv
Uncontrolled Recursion in Akka HTTP
2022-05-24 19:19:40
cvelist
cvelist
CVE-2021-42697
2021-11-02 21:44:54
github
github
Uncontrolled Recursion in Akka HTTP
2022-05-24 19:19:40
githubexploit
githubexploit
Exploit for Uncontrolled Recursion in Akka Http Server
2022-04-24 05:51:24
veracode
veracode
Denial Of Service (DoS)
2021-11-04 06:15:40
packetstorm
packetstorm
Akka HTTP 10.1.14 Denial Of Service
2022-05-11 00:00:00
prion
prion
Design/Logic Flaw
2021-11-02 22:15:00
nvd
nvd
CVE-2021-42697
2021-11-02 22:15:08
cve
cve
CVE-2021-42697
2021-11-02 22:15:08
exploitdb
exploitdb
Akka HTTP 10.1.14 - Denial of Service
2022-05-11 00:00:00
openvas
openvas
Akka HTTP < 10.2.7 DoS Vulnerability
2021-11-05 00:00:00