logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-42340

Description

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError.


Affected Software


CPE Name Name Version
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.1.0
apache:tomcat apache tomcat 10.1.0
apache:tomcat apache tomcat 10.1.0
apache:tomcat apache tomcat 10.1.0
apache:tomcat apache tomcat 10.1.0
apache:tomcat apache tomcat 10.0.12
apache:tomcat apache tomcat 8.5.72
apache:tomcat apache tomcat 9.0.54
netapp:hci netapp hci -
netapp:management_services_for_element_software netapp management services for element software -
debian:debian_linux debian debian linux 11.0
oracle:sd-wan_edge oracle sd-wan edge 9.0
oracle:hospitality_cruise_shipboard_property_management_system oracle hospitality cruise shipboard property management system 20.1.0
oracle:sd-wan_edge oracle sd-wan edge 9.1
oracle:communications_diameter_signaling_router oracle communications diameter signaling router 8.5.0.2
oracle:middleware_common_libraries_and_tools oracle middleware common libraries and tools 12.2.1.4.0
oracle:retail_customer_insights oracle retail customer insights 15.0.2
oracle:retail_customer_insights oracle retail customer insights 16.0.2
oracle:taleo_platform oracle taleo platform *
oracle:payment_interface oracle payment interface 20.3
oracle:payment_interface oracle payment interface 19.1
oracle:retail_eftlink oracle retail eftlink 21.0.0
oracle:retail_data_extractor_for_merchandising oracle retail data extractor for merchandising 16.0.2
oracle:retail_data_extractor_for_merchandising oracle retail data extractor for merchandising 15.0.2
oracle:retail_financial_integration oracle retail financial integration 19.0.0
oracle:retail_financial_integration oracle retail financial integration 16.0.1
oracle:retail_store_inventory_management oracle retail store inventory management 14.1.3.5
oracle:retail_store_inventory_management oracle retail store inventory management 14.1.3.14
oracle:retail_store_inventory_management oracle retail store inventory management 15.0.3.3
oracle:retail_store_inventory_management oracle retail store inventory management 15.0.3.8
oracle:retail_store_inventory_management oracle retail store inventory management 16.0.3.7
oracle:retail_store_inventory_management oracle retail store inventory management 14.0.4.13

Related