CVE-2021-42697
Akka HTTP 10.1.x and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments.
Date published : 2021-11-02
https://akka.io/blog/news/2021/11/02/akka-http-10.2.7-released