Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-4213

Опубликовано: 24 авг. 2022
Источник: debian

Описание

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jssfixed5.2.0-1package
jssno-dsabullseyepackage
jssno-dsabusterpackage
jsspostponedstretchpackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=2042900

  • https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448 (v5.2.0-beta1)

  • https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2 (v5.2.0-beta1)

Связанные уязвимости

CVSS3: 7.5
ubuntu
почти 3 года назад

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

CVSS3: 7.5
redhat
больше 3 лет назад

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

CVSS3: 7.5
nvd
почти 3 года назад

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

rocky
около 3 лет назад

Moderate: pki-core:10.6 security and bug fix update

CVSS3: 7.5
github
почти 3 года назад

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.