Undertow Uncontrolled Resource Consumption

GHSA-rf6q-vx79-mjxr · CVE-2021-3629

Published May 25, 2022 · Modified Jun 12, 2025

Description

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-3629
WEB https://bugzilla.redhat.com/show_bug.cgi?id=1977362
PACKAGE https://github.com/undertow-io/undertow
WEB https://security.netapp.com/advisory/ntap-20220729-0008

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes