HTTP Request Smuggling Affecting com.typesafe.akka:akka-http-core package, versions [10.2.0,10.2.4) [,10.1.14)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
17 Feb 2021
15 Feb 2021
Bastian Ike and Sebastian Rose of AOE
How to fix?
com.typesafe.akka:akka-http-core to version 10.2.4, 10.1.14 or higher.
com.typesafe.akka:akka-http-core is a full server- and client-side HTTP stack on top of akka-actor and akka-stream.
Affected versions of this package are vulnerable to HTTP Request Smuggling. It allows multiple