Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2021-41973

Published: 01/11/2021 Updated: 02/05/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache mina

oracle customer management and segmentation foundation 18.0

oracle banking trade finance process management 14.5

oracle communications cloud native core console 1.9.0

oracle banking payments 14.5

oracle banking treasury management 14.5

oracle customer management and segmentation foundation 19.0

oracle fusion middleware common libraries and tools 12.2.1.4.0

oracle fusion middleware common libraries and tools 14.1.1.0.0

oracle oss support tools 2.12.42

oracle fusion middleware common libraries and tools 12.2.1.3.0

oracle flexcube universal banking 14.5

oracle flexcube universal banking

Mailing Lists

Full Disclosure: [ANNOUNCE] Apache MINA 2.0.22 & 2.1.5 released
The Apache MINA project is pleased to announce MINA 2022 and 215 ! Apache MINA (minaapacheorg) is a network application framework which helps users develop high performance and high scalability network applications easily by providing an abstract, event-driven, asynchronous API over various transports such as TCP/IP and UDP/IP vis Ja ...
Full Disclosure: CVE-2021-41973: Apache MINA HTTP listener DOS
Severity: critical Description: In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected Please update MINA to 215 or greater References: listsapa ...

References

CWE-835https://lists.apache.org/thread.html/r0b907da9340d5ff4e6c1a4798ef4e79700a668657f27cca8a39e9250%40%3Cdev.mina.apache.org%3Ehttp://www.openwall.com/lists/oss-security/2021/11/01/2http://www.openwall.com/lists/oss-security/2021/11/01/8https://www.oracle.com/security-alerts/cpuapr2022.htmlhttps://nvd.nist.govhttp://seclists.org/oss-sec/2021/q4/76
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044client sideCVE-2021-47601deserializationCVE-2024-34994encryptionCVE-2021-47609CVE-2024-37079CVE-2024-38608
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook