CVE-2021-3629

Summary

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.

Affected Software

VendorProductVersion RangeStatus
n/aundertowundertow 2.0.40.Final, undertow 2.2.11.Finalaffected

Weaknesses

  • CWE-400: CWE-400

ADP Enrichment

CVE Program Container

Additional References

References