CVE-2021-4213

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-4213
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4213.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-4213
Downstream
Related
Published
2022-08-24T16:15:09.980Z
Modified
2025-11-20T11:55:06.318134Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

References

Affected packages

Git / github.com/dogtagpki/jss

Affected ranges

Type
GIT
Repo
https://github.com/dogtagpki/jss
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2
Fixed
5922560a78d0dee61af8a33cc9cfbf4cfa291448

Affected versions

Other

ALERT_SERVICE_BASE
ANGELON_MOZ12_BASE
BOB_3_12_ALPHA_TEST_1
BSMEDBERG_SECURITY_PLAYGROUND_20050512_BASE
CAMINO_2_0_A1_RELEASE
CAMINO_2_0_B1_RELEASE
CAMINO_2_0_B2_RELEASE
CAMINO_2_0_B3_RELEASE
DBM16_RTM_20011206
DBM_1_61_RC1
DBM_1_61_RTM
DBM_1_6_BETA1
DDRINAN_TEST_NSS_TAG
EVENTSREWRITE_20000211_BASE
FASTLOAD_20010703_BASE
FIREFOX_0_8_RELEASE
FIREFOX_1_1a1_RELEASE
FIREFOX_3_0_10_BUILD1
FIREFOX_3_0_10_RELEASE
FIREFOX_3_0_11_BUILD1
FIREFOX_3_0_11_BUILD2
FIREFOX_3_0_11_RELEASE
FIREFOX_3_0_12_BUILD1
FIREFOX_3_0_12_RELEASE
FIREFOX_3_0_1_BUILD1
FIREFOX_3_0_1_RELEASE
FIREFOX_3_0_2_BUILD1
FIREFOX_3_0_2_BUILD2
FIREFOX_3_0_2_BUILD3
FIREFOX_3_0_2_BUILD4
FIREFOX_3_0_2_BUILD5
FIREFOX_3_0_2_BUILD6
FIREFOX_3_0_2_RELEASE
FIREFOX_3_0_3_BUILD1
FIREFOX_3_0_3_RELEASE
FIREFOX_3_0_4_BUILD1
FIREFOX_3_0_4_RELEASE
FIREFOX_3_0_5_BUILD1
FIREFOX_3_0_5_RELEASE
FIREFOX_3_0_6_BUILD1
FIREFOX_3_0_6_RELEASE
FIREFOX_3_0_7_BUILD1
FIREFOX_3_0_7_BUILD2
FIREFOX_3_0_7_RELEASE
FIREFOX_3_0_8_BUILD1
FIREFOX_3_0_8_BUILD2
FIREFOX_3_0_8_RELEASE
FIREFOX_3_0_9_BUILD1
FIREFOX_3_0_9_BUILD2
FIREFOX_3_0_9_RELEASE
FIREFOX_3_0_RELEASE
FIREFOX_3_0b1_RC1
FIREFOX_3_0b1_RC2
FIREFOX_3_0b1_RC3
FIREFOX_3_0b1_RELEASE
FIREFOX_3_0b2_RC1
FIREFOX_3_0b2_RELEASE
FIREFOX_3_0b3_RC1
FIREFOX_3_0b3_RC2
FIREFOX_3_0b3_RC3
FIREFOX_3_0b3_RELEASE
FIREFOX_3_0b4_RC1
FIREFOX_3_0b4_RC2
FIREFOX_3_0b4_RELEASE
FIREFOX_3_0b5_RC1
FIREFOX_3_0b5_RC2
FIREFOX_3_0b5_RELEASE
FIREFOX_3_0rc1_BUILD1
FIREFOX_3_0rc1_RELEASE
FIREFOX_3_0rc2_BUILD1
FIREFOX_3_0rc2_BUILD2
FIREFOX_3_0rc2_RELEASE
FIREFOX_3_0rc3_BUILD1
FIREFOX_3_0rc3_RELEASE
FastLoadXUL_20020410_BASE
JSS_3_0_RTM
JSS_3_1_BASE
JSS_3_1_RTM
JSS_3_2_BETA1
JSS_3_2_BETA2
JSS_3_2_BETA3
JSS_3_2_BETA3_NS
JSS_3_2_RC
JSS_3_3_1_RTM
JSS_3_3_BETA1
JSS_3_3_RC1
JSS_3_3_RTM
JSS_3_4_1_BETA1
JSS_3_4_1_RTM
JSS_3_4_2_BETA1
JSS_3_4_RTM
JSS_3_5_BETA1
JSS_3_5_RTM
JSS_3_X_BASE
JSS_4_0_BRANCHPOINT
JSS_4_1_BASE
JSS_4_1_BETA1
JSS_4_1_BETA2
JSS_4_1_BETA3
JSS_4_1_BETA4
JSS_4_1_RTM
JSS_4_2_3_RTM
JSS_4_2_4_RTM
JSS_4_2_5_RC0
JSS_4_2_5_RTM
JSS_4_2_6_RTM
JSS_4_2_BETA1
JSS_4_2_BRANCHPOINT
JSS_4_2_RTM
JSS_4_3_1_BETA
JSS_4_3_1_BETA2
JSS_4_3_1_RTM
JSS_4_3_2_RC0
JSS_4_3_2_RTM
JSS_4_3_RTM
JSS_4_4_20170313
JSS_4_4_20170328
JSS_4_4_20170501
JSS_4_4_3
JSS_FIPS_20060524
JSS_PRE_NSS_3_12_API
JSS_TIP_20060224
JSS_TIP_20060404
JS_1_7_ALPHA_MERGE
LIGHTNING_0_1_RELEASE
LayeredDOM_20020307_BASE
MOZILLA_0_9_9_20020301
MOZILLA_1_0_0_BASE
MOZILLA_1_2_1_RELEASE
MOZILLA_1_2_2002110512_BASE
MOZILLA_1_2_RELEASE
MOZILLA_1_2b_RELEASE
MOZILLA_1_3a_RELEASE
MOZILLA_1_4a_RELEASE
MOZILLA_1_6_20031218_BASE
MOZILLA_1_6_RELEASE
MOZILLA_1_6b_RELEASE
MOZILLA_1_9a7_RC1
MOZILLA_1_9a7_RELEASE
MOZILLA_1_9a8_RELEASE
MOZILLA_200303241605_TAG
NSS31Beta1
NSS32RtmAll
NSS_3_10_1_BASE
NSS_3_10_1_RTM
NSS_3_10_BASE
NSS_3_10_BETA1
NSS_3_10_BETA2
NSS_3_10_BETA3
NSS_3_10_RTM
NSS_3_11_BASE
NSS_3_11_RC1
NSS_3_11_RTM
NSS_3_11_TPATCH_20051221_BASE
NSS_3_11_TPATCH_20051221_V3_20060203
NSS_3_12_0_BRANCHPOINT
NSS_3_12_1_RC1
NSS_3_12_1_RC2
NSS_3_12_1_RTM
NSS_3_12_1_WITH_CKBI_1_72_RTM
NSS_3_12_2_RC1
NSS_3_12_2_RTM
NSS_3_12_2_WITH_CKBI_1_73_RTM
NSS_3_12_2_WITH_CKBI_1_75_RTM
NSS_3_12_3_BASE
NSS_3_12_3_BETA1
NSS_3_12_3_BETA2
NSS_3_12_3_BETA3
NSS_3_12_3_BETA4
NSS_3_12_3_RC0
NSS_3_12_3_RTM
NSS_3_12_3_WITH_CKBI_1_75_RTM
NSS_3_12_4_FIPS0
NSS_3_12_4_FIPS1
NSS_3_12_4_FIPS1_WITH_CKBI_1_75
NSS_3_12_4_FIPS2
NSS_3_12_4_FIPS4
NSS_3_12_4_FIPS5
NSS_3_12_4_RTM
NSS_3_12_4_WITH_CKBI_1_77_RTM
NSS_3_12_5_BETA
NSS_3_12_5_RTM
NSS_3_12_6_BETA1
NSS_3_12_6_RC0
NSS_3_12_6_RC1
NSS_3_12_6_RC2
NSS_3_12_6_RTM
NSS_3_12_6_WITH_CKBI_1_79_RTM
NSS_3_12_7_BETA
NSS_3_12_7_BETA2
NSS_3_12_7_RTM
NSS_3_12_ALPHA1
NSS_3_12_ALPHA1A
NSS_3_12_ALPHA1B
NSS_3_12_ALPHA_2B
NSS_3_12_BETA1
NSS_3_12_BETA2
NSS_3_12_BETA3
NSS_3_12_BRANCHPOINT
NSS_3_12_RC1
NSS_3_12_RC2
NSS_3_12_RC3
NSS_3_12_RC4
NSS_3_12_RTM
NSS_3_13_1_BETA1
NSS_3_13_1_BETA2
NSS_3_13_1_RTM
NSS_3_13_2_BETA1
NSS_3_13_2_BETA2
NSS_3_13_2_BETA3
NSS_3_13_2_RC0
NSS_3_13_2_RC1
NSS_3_13_2_RTM
NSS_3_13_3_RC0
NSS_3_13_3_RTM
NSS_3_13_4_BASE
NSS_3_13_4_BETA1
NSS_3_13_4_BETA2
NSS_3_13_4_RTM
NSS_3_13_5_BETA1
NSS_3_13_5_BETA2
NSS_3_13_5_RTM
NSS_3_13_6_BETA1
NSS_3_13_6_RTM
NSS_3_13_6_WITH_CKBI_1_93_RTM
NSS_3_13_BETA1
NSS_3_13_BETA2
NSS_3_13_RC0
NSS_3_13_RTM
NSS_3_14_1_BASE
NSS_3_14_1_BETA1
NSS_3_14_1_BETA2
NSS_3_14_1_BETA3
NSS_3_14_1_RC0
NSS_3_14_1_RTM
NSS_3_14_1_WITH_CKBI_1_93_RTM
NSS_3_14_2_BETA1
NSS_3_14_2_BETA2
NSS_3_14_2_BETA3
NSS_3_14_2_RTM
NSS_3_14_3_BETA1
NSS_3_14_3_RC0
NSS_3_14_3_RTM
NSS_3_14_BETA1
NSS_3_14_RC0
NSS_3_14_RC1
NSS_3_14_RTM
NSS_3_1_BASE
NSS_3_1_NT_RTM
NSS_3_1_RTM
NSS_3_2_1_RTM_SOLARIS_X86
NSS_3_2_BASE
NSS_3_2_BETA2_20010119
NSS_3_2_BETA3
NSS_3_2_BETA4
NSS_3_2_BETA5
NSS_3_2_RTM
NSS_3_3_BASE
NSS_3_3_BETA2
NSS_3_3_BETA3
NSS_3_3_RTM
NSS_3_4_1_RC1
NSS_3_4_1_RC3
NSS_3_4_1_RTM
NSS_3_4_20020114
NSS_3_4_20020329_2
NSS_3_4_20020403_2
NSS_3_4_2_20020528
NSS_3_4_2_BETA1
NSS_3_4_2_BETA2
NSS_3_4_2_RTM
NSS_3_4_3_BETA2
NSS_3_4_3_RTM
NSS_3_4_4_BETA1
NSS_3_4_4_RTM
NSS_3_4_5_RTM
NSS_3_4_BASE
NSS_3_4_BETA1
NSS_3_4_BETA2
NSS_3_4_PRE_BETA
NSS_3_4_RC1
NSS_3_4_RC2
NSS_3_4_RTM
NSS_3_4_SunBeta0314
NSS_3_4_SunBeta0318
NSS_3_4_SunBeta0401
NSS_3_5_BASE
NSS_3_6_1_BETA1
NSS_3_6_1_BETA2
NSS_3_6_1_BETA3
NSS_3_6_1_RTM
NSS_3_6_BASE
NSS_3_6_BETA1
NSS_3_6_BETA2
NSS_3_6_BETA3
NSS_3_6_BRANCH_20021026
NSS_3_6_RTM
NSS_3_7_BASE
NSS_3_7_BETA1
NSS_3_8_BASE
NSS_3_8_BETA1
NSS_3_8_BETA2
NSS_3_8_RTM
NSS_3_8_WTC_TMP
NSS_3_9_BASE
NSS_3_9_BETA1
NSS_3_9_BETA2
NSS_3_9_BETA3
NSS_3_9_BETA4
NSS_3_9_BETA5
NSS_3_9_RTM
NSS_AUTOCONF_BASE
NSS_C
NSS_CLIENT_TAG_20020213
NSS_CLIENT_TAG_20020217
NSS_CLIENT_TAG_20020305
NSS_CLIENT_TAG_20020308
NSS_CLIENT_TAG_20020319
NSS_CLIENT_TAG_20020515
NSS_CLIENT_TAG_20031219
NSS_CLIENT_TAG_20040123
NSS_CLIENT_TAG_20040124
NSS_HEAD_20090409
NSS_HEAD_BEFORE_RFC4507BIS
NSS_LIBPKIX_START
NSS_MULTIACCESS_DB_TAG
NSS_MULTIACCESS_DB_TAG_20020818_1
NSS_NSCP_20020228_1
NSS_OTIS_BETA_1
NSS_OTIS_BETA_2
NSS_OTIS_RELEASE_1
NSS_PERFORMANCE_HACKS_BASE
NSS_PHB_POST_FORTEZZA
NSS_PRE_PKIX_MERGE
NSS_RFC4507BIS_BASE
NSS_TIP_20020305
NSS_TIP_20020426
NSS_TIP_20020503
NSS_TIP_20020510
NSS_TRUNK_20060424
NSS_WINCE_ALPHA_BASE
PHOENIX_0_2_RELEASE
PHOENIX_0_3_RELEASE
PHOENIX_0_4_RELEASE
PHOENIX_0_5_RELEASE
PSM20_M_1_5_TAG
PSM20_M_2_TAG
PSM_1_2_RTM
PSM_1_3_RTM
PSM_1_4_N6
REFLOW_20020412_BASE
REFLOW_20020422_BASE
REFLOW_20020502_BASE
RMCH_20021105_BASE
ROGC_20020430_BASE
ROGC_20020430_FREEZE
ROGC_20020603_FREEZE
ROGC_20020802_FREEZE
ROGC_20020830_FREEZE
ROGC_20020930_FREEZE
ROGC_20021218_FREEZE
SECURITY_3_10_RTM
SECURITY_3_9_2_BETA2
SOFTWARE_UPDATE_20050428_BASE
SPLITWINDOW_20050714_INITIAL_TRUNK_LANDING
STRING_20040119_BASE
SUNBIRD_0_3a2_RELEASE
SUN_SECURITY_3_9_3_O3B7
SVRCORE_4_0_1_RTM
SVRCORE_4_0_2_RTM
SYD_TEST_03052002_BASE
THUNDERBIRD_0_4_BASE
THUNDERBIRD_0_5_RELEASE
THUNDERBIRD_1_1a1_RELEASE
THUNDERBIRD_3_0a1_BUILD1
THUNDERBIRD_3_0a1_RELEASE
THUNDERBIRD_3_0a2_BUILD1
THUNDERBIRD_3_0a2_RELEASE
THUNDERBIRD_M3_BASE
THUNDERBIRD_M4_BASE
WINCE_20020218_BASE
XPC_IDISP_20020417_BRANCH
before_moz_pkg_names_20001218
moz_20020902
moz_20020906
moz_20020919
moz_ux_20021009
moz_ux_20021014
moz_ux_20021026
moz_ux_20021104
moz_ux_20021108
moz_ux_20021122
moz_ux_20021202
moz_ux_20021203
moz_win_20021009
moz_win_20021014
moz_win_20021026
moz_win_20021104
moz_win_20021108
moz_win_20021122
moz_win_20021202
moz_win_20021203
nss34_20020321
nss_20020222
nss_20020225
nss_20021126
nss_20021204
nss_3_12_5_BETA2
nsstip_20020225
nsstip_nt_20020228
smimetk_branch_point

v4.*

v4.4.3
v4.4.4
v4.5.0
v4.5.0-a1
v4.5.0-a2
v4.5.0-a3
v4.5.0-a4
v4.5.0-b1
v4.5.1
v4.5.2
v4.6.0
v4.6.1
v4.6.2
v4.6.3
v4.7.0
v4.7.0-b1
v4.7.0-b2
v4.7.0-b3
v4.7.0-b4
v4.7.1
v4.7.2
v4.8.0
v4.8.0-b1
v4.8.1
v4.9.0-alpha1

v5.*

v5.0.0
v5.0.0-alpha1
v5.0.0-beta1
v5.1.0-alpha1
v5.1.0-alpha2

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "target": {
            "file": "src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java",
            "function": "cleanupSSLFD"
        },
        "digest": {
            "length": 444.0,
            "function_hash": "53900283518551809885924419871545033797"
        },
        "id": "CVE-2021-4213-1e6e0e4e",
        "signature_type": "Function",
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "src/main/java/org/mozilla/jss/nss/SSLFDProxy.java",
            "function": "releaseNativeResources"
        },
        "digest": {
            "length": 165.0,
            "function_hash": "156225052922560045367427690358805773123"
        },
        "id": "CVE-2021-4213-319b8b37",
        "signature_type": "Function",
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "src/main/java/org/mozilla/jss/nss/SSLFDProxy.java"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "70414584937688691418959387837383639088",
                "184380057306289880382970560034723865336",
                "289180661143112163918906210432224844254",
                "260711449837960221625440174471868579663",
                "147265512721861978994190199797215748843",
                "10196732133123374531843117410672514415",
                "299482203258699554369622827932554896111",
                "205640474597147053195859000299904183990",
                "297443378685805027606782421161262206014",
                "103672784752009183058197262856681291262",
                "100604562822771284684289016573000961557",
                "108587633537507210242609878158511307392"
            ]
        },
        "id": "CVE-2021-4213-82ef5c48",
        "signature_type": "Line",
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "src/main/java/org/mozilla/jss/util/GlobalRefProxy.java"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "148430987734620631526867309489734105335",
                "136551681666045459290051962843935282635",
                "271516098814979977888817798041242170439",
                "55404809171744665335595296731884407523"
            ]
        },
        "id": "CVE-2021-4213-abf7b8ab",
        "signature_type": "Line",
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "203692485456295385397758516792272558075",
                "16191805119952505393581590119351600524",
                "49939681293512275685100863593396623991",
                "253875525362253716144048744726692625250",
                "289124356721616494175359873477054604907",
                "72534848300577167057492073107428433662",
                "243432235600768492575099973824243956780",
                "26524115824917176634157549856519774790",
                "335486120791894628648788999364448710616",
                "257556877707185846372730833220240311335",
                "77227145818541382172210577852980687646",
                "125546490764732189946148779822259188972",
                "162024439652882201799859336716404027896",
                "303906379920496623012138155819742482134",
                "324469498220904681607458504736737127332",
                "150627077577791991003551644809907184063",
                "244116941531702325687997541856182447210",
                "314984313646827669005302199914587703232",
                "228398403339612311472317892733370025702",
                "229887134261204045962845918494914263950",
                "289364554913352539270557840493695808202",
                "242691874994251331260525114288807794775"
            ]
        },
        "id": "CVE-2021-4213-f552131f",
        "signature_type": "Line",
        "source": "https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448",
        "signature_version": "v1"
    }
]