HTTP Request Smuggling Affecting com.typesafe.akka:akka-http-core_2.12 Open this link in a new tab package, versions [10.2.0,10.2.4) [,10.1.14)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
17 Feb 2021
15 Feb 2021
Bastian Ike and Sebastian Rose of AOE
How to fix?
com.typesafe.akka:akka-http-core_2.12 to version 10.2.4, 10.1.14 or higher.
com.typesafe.akka:akka-http-core_2.12 is a Scala implementation of the akka-http-core library which provides a streaming-first HTTP server and client.
Affected versions of this package are vulnerable to HTTP Request Smuggling. It allows multiple