Back to all
CVE

CVE-2021-3690

Undertow vulnerable to memory exhaustion due to buffer leak

Buffer leak on incoming WebSocket PONG message(s) in Undertow before 2.0.40 and 2.2.10 can lead to memory exhaustion and allow a denial of service.

Endor Patches

Patch Name
Vulnerabilities fixed
Lines of Code Changed
com.thoughtworks.xstream:xstream
com.thoughtworks.xstream:xstream
com.thoughtworks.xstream:xstream