Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Undertow Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability - CVE-2021-3597 - Vulnerability Database
Undertow

Undertow Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability - CVE-2021-3597

Medium
Reference: CVE-2021-3597
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-3597
Title: Undertow Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability
Overview:

A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1 prior to 2.2.6.SP1 prior to 2.2.7.SP1 prior to 2.0.36.SP1 prior to 2.2.9.Final and prior to 2.0.39.Final.