CVE-2021-41119

Source
https://cve.org/CVERecord?id=CVE-2021-41119
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41119.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-41119
Downstream
Related
  • GHSA-phxv-pffh-fq2r
Published
2022-04-13T19:15:08.990Z
Modified
2026-04-10T04:38:12.437668Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a denial of service for a heavily used server. The issue has been fixed in wire-server 2022-03-01 and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to 2022-03-01, so that their backends are no longer affected. There are no known workarounds for this issue.

References

Affected packages

Git / github.com/wireapp/wire-server

Affected ranges

Type
GIT
Repo
https://github.com/wireapp/wire-server
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2022-03-01"
        }
    ]
}

Affected versions

chart/4.*
chart/4.0.0
chart/4.1.0
chart/4.2.0
chart=2.*
chart=2.100.0,image=2.100.0
chart=2.100.9,image=2.100.9
chart=2.101.0,image=2.101.0
chart=2.102.0,image=2.102.0
chart=2.104.0,image=2.104.0
chart=2.105.0,image=2.105.0
chart=2.106.0,image=2.106.0
chart=2.107.0,image=2.107.0
chart=2.108.0,image=2.108.0
chart=2.109.0,image=2.109.0
chart=2.109.29,image=2.109.29
chart=2.110.0,image=2.110.0
chart=2.110.32,image=2.110.32
chart=2.111.0,image=2.111.0
chart=2.111.13,image=2.111.13
chart=2.112.0,image=2.112.0
chart=2.113.0,image=2.113.0
chart=2.114.0,image=2.114.0
chart=2.115.0,image=2.115.0
chart=2.115.58,image=2.115.58
chart=2.116.0,image=2.116.0
chart=2.117.0,image=2.117.0
chart=2.118.0,image=2.118.0
chart=2.119.0,image=2.119.0
chart=2.119.1,image=2.119.1
chart=2.119.21,image=2.119.21
chart=2.120.0,image=2.120.0
chart=2.121.0,image=2.121.0
chart=2.122.0,image=2.122.0
chart=2.122.13,image=2.122.13
chart=2.124.0,image=2.124.0
chart=2.124.1,image=2.124.1
chart=2.125.0,image=2.125.0
chart=2.96.0,image=2.96.0
chart=2.96.5,image=2.96.5
chart=2.96.6,image=2.96.6
chart=2.97.0,image=2.97.0
chart=2.98.0,image=2.98.0
chart=2.99.12,image=2.99.12
deb/3.*
deb/3.10.0
deb/3.11.0
deb/3.12.0
deb/3.13.0
deb/3.14.0
deb/3.14.7
deb/3.15.0
deb/3.16.0
deb/3.17.0
deb/3.18.0
deb/3.19.0
deb/3.2.0
deb/3.20.0
deb/3.21.0
deb/3.22.0
deb/3.23.0
deb/3.23.13
deb/3.24.0
deb/3.24.19
deb/3.25.0
deb/3.27.0
deb/3.27.12
deb/3.28.0
deb/3.29.0
deb/3.29.5
deb/3.3.0
deb/3.30.0
deb/3.30.7
deb/3.31.0
deb/3.32.0
deb/3.32.12
deb/3.33.0
deb/3.34.0
deb/3.35.0
deb/3.36.0
deb/3.37.0
deb/3.38.0
deb/3.38.1
deb/3.4.0
deb/3.43.0
deb/3.44.0
deb/3.44.39
deb/3.45.0
deb/3.46.0
deb/3.47.0
deb/3.47.28
deb/3.48.0
deb/3.48.31
deb/3.49.0
deb/3.49.13
deb/3.5.0
deb/3.50.0
deb/3.51.0
deb/3.52.0
deb/3.53.0
deb/3.54.0
deb/3.54.1
deb/3.54.60
deb/3.55.0
deb/3.56.0
deb/3.57.0
deb/3.58.0
deb/3.59.0
deb/3.59.1
deb/3.59.21
deb/3.6.0
deb/3.6.8
deb/3.60.0
deb/3.61.0
deb/3.62.0
deb/3.63.0
deb/3.63.13
deb/3.64.0
deb/3.65.0
deb/3.65.1
deb/3.66.0
deb/3.7.0
deb/3.7.22
deb/3.8.0
deb/3.9.0
deb/4.*
deb/4.0.0
deb/4.1.0
deb/4.2.0
image-2.*
image-2.50.315
image/2.*
image/2.100.0
image/2.100.9
image/2.101.0
image/2.102.0
image/2.103.0
image/2.103.3
image/2.104.0
image/2.105.0
image/2.106.0
image/2.107.0
image/2.108.0
image/2.109.0
image/2.109.29
image/2.110.0
image/2.110.32
image/2.111.0
image/2.111.13
image/2.112.0
image/2.113.0
image/2.114.0
image/2.114.18
image/2.115.0
image/2.115.58
image/2.116.0
image/2.117.0
image/2.118.0
image/2.119.0
image/2.119.1
image/2.119.21
image/2.120.0
image/2.121.0
image/2.122.0
image/2.122.13
image/2.124.0
image/2.124.1
image/2.125.0
image/2.50.341
image/2.51.0
image/2.52.0
image/2.53.0
image/2.54.0
image/2.55.0
image/2.56.0
image/2.57.0
image/2.57.1
image/2.58.0
image/2.59.0
image/2.60.0
image/2.60.1
image/2.61.0
image/2.62.0
image/2.63.0
image/2.63.1
image/2.64.0
image/2.65.0
image/2.66.0
image/2.67.0
image/2.67.1
image/2.68.0
image/2.69.0
image/2.70.0
image/2.70.10
image/2.70.11
image/2.70.12
image/2.70.13
image/2.70.14
image/2.70.16
image/2.70.17
image/2.70.18
image/2.70.19
image/2.70.20
image/2.70.21
image/2.70.3
image/2.70.4
image/2.70.5
image/2.70.6
image/2.70.7
image/2.70.8
image/2.70.9
image/2.72.2
image/2.72.3
image/2.73.10
image/2.73.11
image/2.73.12
image/2.73.13
image/2.73.14
image/2.73.2
image/2.73.3
image/2.73.4
image/2.73.5
image/2.73.6
image/2.73.7
image/2.73.8
image/2.73.9
image/2.74.0
image/2.75.0
image/2.76.0
image/2.77.0
image/2.78.0
image/2.79.0
image/2.80.0
image/2.80.8
image/2.81.0
image/2.81.19
image/2.82.0
image/2.83.0
image/2.84.0
image/2.85.0
image/2.85.6
image/2.86.0
image/2.87.0
image/2.88.0
image/2.89.0
image/2.90.0
image/2.90.18
image/2.91.0
image/2.93.0
image/2.94.0
image/2.95.0
image/2.96.0
image/2.96.6
image/2.97.0
image/2.97.7
image/2.98.0
image/2.99.0
image/2.99.12
image/4.*
image/4.0.0
image/4.1.0
image/4.2.0
Other
v2018-10-04
v2018-11-28
v2018-12-06
v2019-01-10
v2019-01-24
v2019-02-18
v2019-02-22
v2019-02-28
v2019-03-25
v2019-04-09
v2019-05-02
v2019-07-08
v2019-08-08
v2019-09-03
v2019-09-16
v2019-09-30
v2019-11-06
v2019-11-28
v2019-12-20
v2020-01-09
v2020-02-18
v2020-02-27
v2020-03-10
v2020-04-15
v2020-04-21
v2020-05-07
v2020-05-15
v2020-06-03
v2020-06-10
v2020-06-19
v2020-07-13
v2020-07-29
v2020-09-04
v2020-10-05
v2020-10-28
v2020-11-25
v2020-12-15
v2020-12-21
v2021-01-12
v2021-02-16
v2021-02-25
v2021-03-02
v2021-03-21
v2021-03-22
v2021-03-23
v2021-05-04
v2021-05-05
v2021-05-26
v2021-06-08
v2021-06-23
v2021-07-09
v2021-08-02
v2021-08-16
v2021-08-27
v2021-09-08
v2021-09-14
v2021-10-01
v2021-10-29
v2021-11-15
v2021-12-10
v2022-01-18
v2022-01-27
v2022-01-28
v2022-02-02
v2022-02-21

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41119.json"