Description

A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.

Remediation

References

CVE-2021-3690

Related Vulnerabilities

WordPress Plugin Simply Static Multiple Vulnerabilities (1.7.0)

TYPO3 CVE-2024-25121 Vulnerability (CVE-2024-25121)

WordPress Plugin Theme Tuner 'tt-abspath' Parameter Remote File Include (0.7)

WordPress Plugin VideoWhisper Video Presentation 'c_status.php' SQL Injection (1.1)

WordPress Plugin Brandfolder-Digital Asset Management Simplified Local/Remote File Inclusion (3.0)

Severity

High

Classification

CVE-2021-3690 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities