VulnerableCode Package Details - pkg:maven/com.typesafe.akka/akka-http-core

Search for packages

Vulnerability	Summary	Fixed by
VCID-5781-s1ny-q7ey Aliases: CVE-2023-44487 GHSA-2m7v-gc89-fjqf GHSA-qppj-fm5r-hxr3 GHSA-vx74-f528-fxqg GHSA-xpw8-rcwv-8f8p GMS-2023-3377 VSV00013		10.5.3 Affected by 0 other vulnerabilities.
VCID-eqhq-vd75-1fgb Aliases: CVE-2018-16131 GHSA-9qgc-p27w-3hjg	Uncontrolled Resource Consumption The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service (memory consumption and daemon crash) via a ZIP bomb.	10.1.4 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-w7g1-y7u7-z3fg Aliases: CVE-2021-42697 GHSA-3hw2-h67c-wq66	Out-of-bounds Write Akka HTTP can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a `User-Agent` header with deeply nested comments.	10.1.15 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 10.2.7 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-5781-s1ny-q7ey
Aliases:
CVE-2023-44487
GHSA-2m7v-gc89-fjqf
GHSA-qppj-fm5r-hxr3
GHSA-vx74-f528-fxqg
GHSA-xpw8-rcwv-8f8p
GMS-2023-3377
VSV00013

10.5.3
Affected by 0 other vulnerabilities.

VCID-eqhq-vd75-1fgb
Aliases:
CVE-2018-16131
GHSA-9qgc-p27w-3hjg

Uncontrolled Resource Consumption The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service (memory consumption and daemon crash) via a ZIP bomb.

10.1.4
Affected by 2 other vulnerabilities.

VCID-w7g1-y7u7-z3fg
Aliases:
CVE-2021-42697
GHSA-3hw2-h67c-wq66

Out-of-bounds Write Akka HTTP can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a `User-Agent` header with deeply nested comments.

10.1.15
Affected by 1 other vulnerability.

10.2.7
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T22:40:25.998946+00:00	GitLab Importer	Affected by	VCID-5781-s1ny-q7ey	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2023-44487.yml	38.4.0
2026-04-16T21:59:27.313297+00:00	GitLab Importer	Affected by	VCID-w7g1-y7u7-z3fg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2021-42697.yml	38.4.0
2026-04-16T20:49:24.122387+00:00	GitLab Importer	Affected by	VCID-eqhq-vd75-1fgb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2018-16131.yml	38.4.0
2026-04-11T23:59:54.398790+00:00	GitLab Importer	Affected by	VCID-5781-s1ny-q7ey	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2023-44487.yml	38.3.0
2026-04-11T23:14:59.672935+00:00	GitLab Importer	Affected by	VCID-w7g1-y7u7-z3fg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2021-42697.yml	38.3.0
2026-04-11T22:00:27.876662+00:00	GitLab Importer	Affected by	VCID-eqhq-vd75-1fgb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2018-16131.yml	38.3.0
2026-04-03T00:02:57.085104+00:00	GitLab Importer	Affected by	VCID-5781-s1ny-q7ey	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2023-44487.yml	38.1.0
2026-04-02T23:22:57.393309+00:00	GitLab Importer	Affected by	VCID-w7g1-y7u7-z3fg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2021-42697.yml	38.1.0
2026-04-02T22:13:32.501795+00:00	GitLab Importer	Affected by	VCID-eqhq-vd75-1fgb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2018-16131.yml	38.1.0
2026-04-01T17:44:02.143570+00:00	GitLab Importer	Affected by	VCID-w7g1-y7u7-z3fg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2021-42697.yml	38.0.0
2026-04-01T16:02:17.705727+00:00	GHSA Importer	Affected by	VCID-w7g1-y7u7-z3fg	https://github.com/advisories/GHSA-3hw2-h67c-wq66	38.0.0
2026-04-01T15:57:04.486380+00:00	GHSA Importer	Affected by	VCID-eqhq-vd75-1fgb	https://github.com/advisories/GHSA-9qgc-p27w-3hjg	38.0.0
2026-04-01T12:48:07.012801+00:00	GitLab Importer	Affected by	VCID-eqhq-vd75-1fgb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2018-16131.yml	38.0.0