CVE-2021-3629

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-3629
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3629.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-3629
Aliases
Downstream
Published
2022-05-24T19:15:09.093Z
Modified
2026-02-08T22:17:58.095305Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.

References

Affected packages

Git / github.com/undertow-io/undertow

Affected ranges

Type
GIT
Repo
https://github.com/undertow-io/undertow
Events
Fixed
225d62735b189e460a56460207b8c6073fcc3737
Introduced
8ddcc2608f58ed3377474f4e537728c5518a7862
Fixed
df0f10c6e62061b3dd39c27ce36182a7e6360005

Affected versions

2.*
2.2.0.Final
2.2.1.Final
2.2.10.Final
2.2.2.Final
2.2.3.Final
2.2.4.Final
2.2.5.Final
2.2.6.Final
2.2.7.Final
2.2.8.Final
2.2.9.Final

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3629.json"