CVE-2021-3597

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-3597
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3597.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-3597
Aliases
Downstream
Published
2022-05-24T19:15:09.037Z
Modified
2026-02-09T04:38:27.478295Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.

References

Affected packages

Git / github.com/undertow-io/undertow

Affected ranges

Type
GIT
Repo
https://github.com/undertow-io/undertow
Events
Fixed
7aa46956d0171a36f39521a7b3065a8c4b8d9ad2
Introduced
8ddcc2608f58ed3377474f4e537728c5518a7862
Fixed
affeda2ad491a0523308b6e7a38e3ad92563abb1

Affected versions

2.*
2.2.0.Final
2.2.1.Final
2.2.2.Final
2.2.3.Final
2.2.4.Final
2.2.5.Final

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3597.json"