CVE - CVE-2021-3690

CVE-ID
CVE-2021-3690	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://access.redhat.com/security/cve/CVE-2021-3690 URL:https://access.redhat.com/security/cve/CVE-2021-3690 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=1991299 URL:https://bugzilla.redhat.com/show_bug.cgi?id=1991299 MISC:https://github.com/undertow-io/undertow/commit/c7e84a0b7efced38506d7d1dfea5902366973877 URL:https://github.com/undertow-io/undertow/commit/c7e84a0b7efced38506d7d1dfea5902366973877 MISC:https://issues.redhat.com/browse/UNDERTOW-1935 URL:https://issues.redhat.com/browse/UNDERTOW-1935
Assigning CNA
Red Hat, Inc.
Date Record Created
20210809	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20210809)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)