QwikSec

Security Database

CVE

CWE

Training

CVE-2021-4213

Published: Aug 24, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

Vendor	Product	Versions
n/a	JSS	affected `Fixed in v5.2.0-beta1`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2042900

x_refsource_MISC

https://access.redhat.com/security/cve/CVE-2021-4213

x_refsource_MISC

https://security-tracker.debian.org/tracker/CVE-2021-4213

x_refsource_MISC

https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448

x_refsource_MISC

https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.