Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-41973

Опубликовано: 01 нояб. 2021
Источник: nvd
CVSS3: 6.5
CVSS2: 4.3
EPSS Низкий

Описание

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:mina:*:*:*:*:*:*:*:*
Версия до 2.0.22 (исключая)
cpe:2.3:a:apache:mina:*:*:*:*:*:*:*:*
Версия от 2.1.0 (включая) до 2.1.5 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:oracle:banking_payments:14.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_treasury_management:14.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:flexcube_universal_banking:*:*:*:*:*:*:*:*
Версия от 14.0 (включая) до 14.3 (включая)
cpe:2.3:a:oracle:flexcube_universal_banking:14.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fusion_middleware_common_libraries_and_tools:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fusion_middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fusion_middleware_common_libraries_and_tools:14.1.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oss_support_tools:2.12.42:*:*:*:*:*:*:*

EPSS

Процентиль: 72%
0.00725
Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-835
CWE-835

Связанные уязвимости

ubuntu логотип

CVE-2021-41973

CVSS3: 6.5
ubuntu
больше 4 лет назад

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater.

redhat логотип

CVE-2021-41973

CVSS3: 6.5
redhat
больше 4 лет назад

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater.

debian логотип

CVE-2021-41973

CVSS3: 6.5
debian
больше 4 лет назад

In Apache MINA, a specifically crafted, malformed HTTP request may cau ...

github логотип

GHSA-6mcm-j9cj-3vc3

CVSS3: 6.5
github
больше 4 лет назад

Infinite loop in Apache MINA

EPSS

Процентиль: 72%
0.00725
Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-835
CWE-835