Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-4213


A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.


Published

2022-08-24T16:15:09.980

Last Modified

2024-11-21T06:37:09.933

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-401
  • Type: Primary
    CWE-401

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application dogtagpki network_security_services_for_java < 4.9.3 Yes
Application dogtagpki network_security_services_for_java < 5.1.0 Yes
Operating System redhat enterprise_linux 8.0 Yes
Operating System debian debian_linux 10.0 Yes
Operating System debian debian_linux 11.0 Yes

References