Description

A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.

Remediation

References

CVE-2021-3859

Related Vulnerabilities

WordPress Plugin Business Hours Pro Arbitrary File Upload (5.5.0)

WordPress Plugin Advanced Custom Fields PRO Multiple Security Bypass Vulnerabilities (5.10)

WordPress Plugin Ajax Search Lite Security Bypass (3.1)

Joomla Other Vulnerability (CVE-2005-3771)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.4.2)

Severity

High

Classification

CVE-2021-3859 CWE-668 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities