CVE-2021-4213

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-4213
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4213.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-4213
Downstream
Related
Published
2022-08-24T16:15:09.980Z
Modified
2026-02-22T01:39:26.002039Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

References

Affected packages

Git / github.com/dogtagpki/jss

Affected ranges

Type
GIT
Repo
https://github.com/dogtagpki/jss
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5922560a78d0dee61af8a33cc9cfbf4cfa291448
Introduced
21af2aaec9e8948019e5189fa3fa5d2417f9eafa
Fixed
6472faa92930120fff9d350d04343a5a8fbc9d91

Affected versions

v5.*
v5.0.0
v5.1.0-alpha1
v5.1.0-alpha2

Database specific

vanir_signatures 
[
    {
        "id": "CVE-2021-4213-08178e16",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "37432704366700311483301766886398557852",
                "294858725942001584942105130223247473799",
                "60006491667414592306235336524934132073",
                "100836594654931845128508451801298076821",
                "326853062492569989422745553414016718497",
                "190767088664547324683593368630807189480",
                "198854810990081849766030138853555691566",
                "151635163410598877725097489288426482454"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/dogtagpki/jss/commit/6472faa92930120fff9d350d04343a5a8fbc9d91",
        "signature_type": "Line",
        "target": {
            "file": "src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"
        }
    },
    {
        "id": "CVE-2021-4213-15e35920",
        "signature_version": "v1",
        "digest": {
            "function_hash": "219749423068332797498153345312605903130",
            "length": 1302.0
        },
        "deprecated": false,
        "source": "https://github.com/dogtagpki/jss/commit/6472faa92930120fff9d350d04343a5a8fbc9d91",
        "signature_type": "Function",
        "target": {
            "file": "src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java",
            "function": "checkSSLAlerts"
        }
    },
    {
        "id": "CVE-2021-4213-1e6e0e4e",
        "signature_version": "v1",
        "digest": {
            "function_hash": "53900283518551809885924419871545033797",
            "length": 444.0
        },
        "deprecated": false,
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_type": "Function",
        "target": {
            "file": "src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java",
            "function": "cleanupSSLFD"
        }
    },
    {
        "id": "CVE-2021-4213-319b8b37",
        "signature_version": "v1",
        "digest": {
            "function_hash": "156225052922560045367427690358805773123",
            "length": 165.0
        },
        "deprecated": false,
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_type": "Function",
        "target": {
            "file": "src/main/java/org/mozilla/jss/nss/SSLFDProxy.java",
            "function": "releaseNativeResources"
        }
    },
    {
        "id": "CVE-2021-4213-82ef5c48",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "70414584937688691418959387837383639088",
                "184380057306289880382970560034723865336",
                "289180661143112163918906210432224844254",
                "260711449837960221625440174471868579663",
                "147265512721861978994190199797215748843",
                "10196732133123374531843117410672514415",
                "299482203258699554369622827932554896111",
                "205640474597147053195859000299904183990",
                "297443378685805027606782421161262206014",
                "103672784752009183058197262856681291262",
                "100604562822771284684289016573000961557",
                "108587633537507210242609878158511307392"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_type": "Line",
        "target": {
            "file": "src/main/java/org/mozilla/jss/nss/SSLFDProxy.java"
        }
    },
    {
        "id": "CVE-2021-4213-abf7b8ab",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "148430987734620631526867309489734105335",
                "136551681666045459290051962843935282635",
                "271516098814979977888817798041242170439",
                "55404809171744665335595296731884407523"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_type": "Line",
        "target": {
            "file": "src/main/java/org/mozilla/jss/util/GlobalRefProxy.java"
        }
    },
    {
        "id": "CVE-2021-4213-d8a842c2",
        "signature_version": "v1",
        "digest": {
            "function_hash": "219749423068332797498153345312605903130",
            "length": 1302.0
        },
        "deprecated": false,
        "source": "https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2",
        "signature_type": "Function",
        "target": {
            "file": "src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java",
            "function": "checkSSLAlerts"
        }
    },
    {
        "id": "CVE-2021-4213-f41a1a61",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "37432704366700311483301766886398557852",
                "294858725942001584942105130223247473799",
                "60006491667414592306235336524934132073",
                "100836594654931845128508451801298076821",
                "326853062492569989422745553414016718497",
                "190767088664547324683593368630807189480",
                "198854810990081849766030138853555691566",
                "151635163410598877725097489288426482454"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2",
        "signature_type": "Line",
        "target": {
            "file": "src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"
        }
    },
    {
        "id": "CVE-2021-4213-f552131f",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "203692485456295385397758516792272558075",
                "16191805119952505393581590119351600524",
                "49939681293512275685100863593396623991",
                "253875525362253716144048744726692625250",
                "289124356721616494175359873477054604907",
                "72534848300577167057492073107428433662",
                "243432235600768492575099973824243956780",
                "26524115824917176634157549856519774790",
                "335486120791894628648788999364448710616",
                "257556877707185846372730833220240311335",
                "77227145818541382172210577852980687646",
                "125546490764732189946148779822259188972",
                "162024439652882201799859336716404027896",
                "303906379920496623012138155819742482134",
                "324469498220904681607458504736737127332",
                "150627077577791991003551644809907184063",
                "244116941531702325687997541856182447210",
                "314984313646827669005302199914587703232",
                "228398403339612311472317892733370025702",
                "229887134261204045962845918494914263950",
                "289364554913352539270557840493695808202",
                "242691874994251331260525114288807794775"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_type": "Line",
        "target": {
            "file": "src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"
        }
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4213.json"

Git / github.com/identitypython/pysaml2

Affected ranges

Type
GIT
Repo
https://github.com/identitypython/pysaml2
Events
Introduced
f27c7e7a7010f83380566a219fd6a290a00f2b6e
Fixed
43bb7ad1116534b5f1f6f2ad6aa45f6ccdb43fa6

Affected versions

v5.*
v5.0.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4213.json"