Lucene search
Redhat.comRH:CVE-2021-3690HistoryAug 09, 2021 - 1:56 a.m.
CVE-2021-3690
2021-08-0901:56:47
redhat.com
access.redhat.com
124
undertow
websocket
pong
buffer leak
memory exhaustion
denial of service
availability
cve-2021-3690
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
47.2%
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.
Related
prion
prion
Design/Logic Flaw
2022-08-23 16:15:00
ubuntucve
ubuntucve
CVE-2021-3690
2022-08-23 00:00:00
redhat
redhat
cvelist
cvelist
CVE-2021-3690
2022-08-23 15:50:35
osv
osv
Undertow vulnerable to memory exhaustion due to buffer leak
2022-07-15 21:07:20
CVE-2021-3690
2022-08-23 16:15:09
nessus
nessus
cve
cve
CVE-2021-3690
2022-08-23 16:15:09
debiancve
debiancve
CVE-2021-3690
2022-08-23 16:15:09
nvd
nvd
CVE-2021-3690
2022-08-23 16:15:09
github
github
Undertow vulnerable to memory exhaustion due to buffer leak
2022-07-15 21:07:20
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
47.2%
Related for RH:CVE-2021-3690