CVE-2021-3597

🗓️ 24 May 2022 18:19:11Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 264 Views

Flaw in undertow allows denial of service via HTTP2SourceChannel

Reporter	Title	Published	Views	Family All 53
ATTACKERKB	CVE-2021-3597	24 May 202219:15	–	attackerkb
Circl	CVE-2021-3597	24 May 202222:37	–	circl
CNNVD	Red Hat Undertow 竞争条件问题漏洞	11 Jun 202100:00	–	cnnvd
Cvelist	CVE-2021-3597	24 May 202218:19	–	cvelist
Debian CVE	CVE-2021-3597	24 May 202218:19	–	debiancve
EUVD	EUVD-2022-4550	3 Oct 202520:07	–	euvd
Github Security Blog	undertow Race Condition vulnerability	25 May 202200:00	–	github
NCSC	Vulnerabilities fixed in Red Hat JBoss Enterprise Application Platform 7.4.1	24 Sep 202100:00	–	ncsc
NCSC	Vulnerabilities fixed in Oracle Communications	19 Oct 202200:00	–	ncsc
NVD	CVE-2021-3597	24 May 202219:15	–	nvd

NVD

Vulners

Node

redhat fuseMatch1.0

redhat jboss_enterprise_application_platformMatch-text-only

redhat openshift_application_runtimesMatch-text-only

redhat single_sign-onMatch-text-only

redhat undertowRange<2.0.35

redhat undertowRange2.2.0–2.2.6

redhat undertowMatch2.0.35-

redhat undertowMatch2.0.36-

redhat undertowMatch2.0.39-

redhat undertowMatch2.2.6-

redhat undertowMatch2.2.7-

redhat undertowMatch2.2.9-

Node

redhat jboss_enterprise_application_platformMatch7.3

redhat jboss_enterprise_application_platformMatch7.4

AND

redhat enterprise_linuxMatch6.0

redhat enterprise_linuxMatch7.0

redhat enterprise_linuxMatch8.0

Node

netapp active_iq_unified_managerMatch-linux

netapp active_iq_unified_managerMatch-vmware_vsphere

netapp active_iq_unified_managerMatch-windows

netapp oncommand_insightMatch-

netapp oncommand_workflow_automationMatch-

[
  {
    "product": "undertow",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "undertow 2.0.35.SP1, undertow 2.2.6.SP1, undertow 2.2.7.SP1, undertow 2.0.36.SP1, undertow 2.2.9.Final, undertow 2.0.39.Final"
      }
    ]
  }
]