Lucene search
Ubuntu.comUB:CVE-2021-3690HistoryAug 23, 2022 - 12:00 a.m.
CVE-2021-3690
2022-08-2300:00:00
ubuntu.com
ubuntu.com
22
buffer leak
undertow
memory exhaustion
websocket
denial of service
cve-2021-3690
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
47.2%
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG
message may lead to memory exhaustion. This flaw allows an attacker to
cause a denial of service. The highest threat from this vulnerability is
availability.
Related
prion
prion
Design/Logic Flaw
2022-08-23 16:15:00
redhat
redhat
cvelist
cvelist
CVE-2021-3690
2022-08-23 15:50:35
osv
osv
Undertow vulnerable to memory exhaustion due to buffer leak
2022-07-15 21:07:20
CVE-2021-3690
2022-08-23 16:15:09
nessus
nessus
cve
cve
CVE-2021-3690
2022-08-23 16:15:09
debiancve
debiancve
CVE-2021-3690
2022-08-23 16:15:09
redhatcve
redhatcve
CVE-2021-3690
2021-08-09 01:56:47
nvd
nvd
CVE-2021-3690
2022-08-23 16:15:09
github
github
Undertow vulnerable to memory exhaustion due to buffer leak
2022-07-15 21:07:20
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
47.2%
Related for UB:CVE-2021-3690