Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/com.typesafe.akka/akka-http-core_2.12@10.1.4
purl pkg:maven/com.typesafe.akka/akka-http-core_2.12@10.1.4
Next non-vulnerable version 10.5.3
Latest non-vulnerable version 10.5.3
Risk 10.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-5781-s1ny-q7ey
Aliases:
CVE-2023-44487
GHSA-2m7v-gc89-fjqf
GHSA-qppj-fm5r-hxr3
GHSA-vx74-f528-fxqg
GHSA-xpw8-rcwv-8f8p
GMS-2023-3377
VSV00013
10.5.3
Affected by 0 other vulnerabilities.
VCID-w7g1-y7u7-z3fg
Aliases:
CVE-2021-42697
GHSA-3hw2-h67c-wq66
Out-of-bounds Write Akka HTTP can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a `User-Agent` header with deeply nested comments.
10.1.15
Affected by 1 other vulnerability.
10.2.7
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-eqhq-vd75-1fgb Uncontrolled Resource Consumption The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service (memory consumption and daemon crash) via a ZIP bomb. CVE-2018-16131
GHSA-9qgc-p27w-3hjg

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:40:26.013266+00:00 GitLab Importer Affected by VCID-5781-s1ny-q7ey https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2023-44487.yml 38.4.0
2026-04-16T21:59:27.326928+00:00 GitLab Importer Affected by VCID-w7g1-y7u7-z3fg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2021-42697.yml 38.4.0
2026-04-16T20:49:24.135789+00:00 GitLab Importer Fixing VCID-eqhq-vd75-1fgb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2018-16131.yml 38.4.0
2026-04-11T23:59:54.413727+00:00 GitLab Importer Affected by VCID-5781-s1ny-q7ey https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2023-44487.yml 38.3.0
2026-04-11T23:14:59.687172+00:00 GitLab Importer Affected by VCID-w7g1-y7u7-z3fg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2021-42697.yml 38.3.0
2026-04-11T22:00:27.890944+00:00 GitLab Importer Fixing VCID-eqhq-vd75-1fgb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2018-16131.yml 38.3.0
2026-04-03T00:02:57.099960+00:00 GitLab Importer Affected by VCID-5781-s1ny-q7ey https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2023-44487.yml 38.1.0
2026-04-02T23:22:57.406656+00:00 GitLab Importer Affected by VCID-w7g1-y7u7-z3fg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2021-42697.yml 38.1.0
2026-04-02T22:13:32.515237+00:00 GitLab Importer Fixing VCID-eqhq-vd75-1fgb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2018-16131.yml 38.1.0
2026-04-01T17:44:02.159317+00:00 GitLab Importer Affected by VCID-w7g1-y7u7-z3fg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2021-42697.yml 38.0.0
2026-04-01T15:57:04.489659+00:00 GHSA Importer Fixing VCID-eqhq-vd75-1fgb https://github.com/advisories/GHSA-9qgc-p27w-3hjg 38.0.0
2026-04-01T13:03:41.234430+00:00 GithubOSV Importer Fixing VCID-eqhq-vd75-1fgb https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-9qgc-p27w-3hjg/GHSA-9qgc-p27w-3hjg.json 38.0.0
2026-04-01T12:48:07.015211+00:00 GitLab Importer Fixing VCID-eqhq-vd75-1fgb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.typesafe.akka/akka-http-core_2.12/CVE-2018-16131.yml 38.0.0