Home > Vulnerability Database > CVE-2021-4213

Mend.io Vulnerability Database

CVE-2021-4213

Good to know:

Date: August 24, 2022

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

Language: Java

Severity Score

7.5

Related Resources (7)

Url: https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448

Url: https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-4213

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2042900

Url: https://security-tracker.debian.org/tracker/CVE-2021-4213

Url: https://access.redhat.com/security/cve/CVE-2021-4213

Url: https://www.mend.io/vulnerability-database/CVE-2021-4213

Severity Score

7.5

Weakness Type (CWE)

Missing Release of Memory after Effective Lifetime

CWE-401

Top Fix

Upgrade Version

Upgrade to version v5.1.0

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2021-4213

Good to know:

Date: August 24, 2022

Language: Java

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?