Description

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.

Remediation

References

CVE-2021-3629

Related Vulnerabilities

Nginx CVE-2023-27729 Vulnerability (CVE-2023-27729)

Oracle Application Server CVE-2006-0287 Vulnerability (CVE-2006-0287)

PostgreSQL Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2024-7348)

PrestaShop Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2018-7491)

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2932)

Severity

High

Classification

CVE-2021-3629 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities