High severityNVD Advisory· Published May 24, 2022· Updated Aug 3, 2024
CVE-2021-3629
CVE-2021-3629
Description
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
io.undertow:undertow-coreMaven | < 2.0.40.Final | 2.0.40.Final |
io.undertow:undertow-coreMaven | >= 2.1.0, < 2.2.11.Final | 2.2.11.Final |
Affected products
2- Undertow/Undertowdescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-rf6q-vx79-mjxrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-3629ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsax_refsource_MISCWEB
- security.netapp.com/advisory/ntap-20220729-0008ghsaWEB
- security.netapp.com/advisory/ntap-20220729-0008/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.