Akka Http Server
By the Year
In 2024 there have been 0 vulnerabilities in Akka Http Server . Last year Http Server had 1 security vulnerability published. Right now, Http Server is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 1 | 7.50 |
2022 | 0 | 0.00 |
2021 | 1 | 7.50 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Http Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Akka Http Server Security Vulnerabilities
The HTTP/2 protocol
CVE-2023-44487
7.5 - High
- October 10, 2023
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Resource Exhaustion
Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which
CVE-2021-42697
7.5 - High
- November 02, 2021
Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Akka Http Server or by Akka? Click the Watch button to subscribe.
![subscribe](/images/undraw_subscriber_vabu.png)