Akka HTTP 10.1.x prior to 10.1.15 and 10.2.x prior to 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote malicious user to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
akka http server |