CVE & CISA-KEV Catalog

CVE-2021-3690

HIGH
7.5
CVSS v3
NVD

Description

A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.

How to fix

Remediation Available
undertowDebian
Fixed in:2.2.10-1CVE-2021-3690
eap7-activemq-artemisRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemisRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-cliRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-cliRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-commonsRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-commonsRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-core-clientRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-core-clientRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-dtoRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-dtoRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-hornetq-protocolRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-hornetq-protocolRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-hqclient-protocolRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-hqclient-protocolRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-jdbc-storeRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-jdbc-storeRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-jms-clientRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-jms-clientRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-jms-serverRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-jms-serverRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-journalRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-journalRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-nativeRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-nativeRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-raRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-raRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-selectorRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-selectorRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-serverRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-serverRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-service-extensionsRed Hat / RHEL
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-activemq-artemis-service-extensionsRocky
Fixed in:0:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-artemis-nativeRed Hat / RHEL
Fixed in:1:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
Fixed in:1:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-artemis-nativeRocky
Fixed in:1:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
Fixed in:1:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-artemis-native-debuginfoRocky
Fixed in:1:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-artemis-native-debuginfoRed Hat / RHEL
Fixed in:1:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-artemis-native-wildflyRocky
Fixed in:1:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-artemis-native-wildflyRed Hat / RHEL
Fixed in:1:1.5.5.016-1.redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-jboss-xnio-baseRed Hat / RHEL
Fixed in:0:3.5.11-1.Final_redhat_00001.1.ep7.el7RHSA-2025:4226
Fixed in:0:3.5.11-1.Final_redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-jboss-xnio-baseRocky
Fixed in:0:3.5.11-1.Final_redhat_00001.1.ep7.el7RHSA-2025:4226
Fixed in:0:3.5.11-1.Final_redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-jsoupRocky
Fixed in:0:1.14.2-1.redhat_00002.1.ep7.el7RHSA-2025:4226
Fixed in:0:1.14.2-1.redhat_00002.1.ep7.el7RHSA-2025:4226
eap7-jsoupRed Hat / RHEL
Fixed in:0:1.14.2-1.redhat_00002.1.ep7.el7RHSA-2025:4226
Fixed in:0:1.14.2-1.redhat_00002.1.ep7.el7RHSA-2025:4226
eap7-undertowRed Hat / RHEL
Fixed in:0:1.4.18-14.SP13_redhat_00001.1.ep7.el7RHSA-2025:4226
Fixed in:0:1.4.18-14.SP13_redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-undertowRocky
Fixed in:0:1.4.18-14.SP13_redhat_00001.1.ep7.el7RHSA-2025:4226
Fixed in:0:1.4.18-14.SP13_redhat_00001.1.ep7.el7RHSA-2025:4226
eap7-wildflyRocky
Fixed in:0:7.1.10-2.GA_redhat_00002.1.ep7.el7RHSA-2025:4226
Fixed in:0:7.1.10-2.GA_redhat_00002.1.ep7.el7RHSA-2025:4226
eap7-wildflyRed Hat / RHEL
Fixed in:0:7.1.10-2.GA_redhat_00002.1.ep7.el7RHSA-2025:4226
Fixed in:0:7.1.10-2.GA_redhat_00002.1.ep7.el7RHSA-2025:4226
eap7-wildfly-modulesRed Hat / RHEL
Fixed in:0:7.1.10-2.GA_redhat_00002.1.ep7.el7RHSA-2025:4226
eap7-wildfly-modulesRocky
Fixed in:0:7.1.10-2.GA_redhat_00002.1.ep7.el7RHSA-2025:4226
eap7-woodstox-coreRocky
Fixed in:0:5.0.3-2.redhat_00002.1.ep7.el7RHSA-2025:4226
Fixed in:0:5.0.3-2.redhat_00002.1.ep7.el7RHSA-2025:4226
eap7-woodstox-coreRed Hat / RHEL
Fixed in:0:5.0.3-2.redhat_00002.1.ep7.el7RHSA-2025:4226
Fixed in:0:5.0.3-2.redhat_00002.1.ep7.el7RHSA-2025:4226
eap7-xml-securityRed Hat / RHEL
Fixed in:0:2.0.10-2.redhat_00002.1.ep7.el7RHSA-2025:4226
Fixed in:0:2.0.10-2.redhat_00002.1.ep7.el7RHSA-2025:4226
eap7-xml-securityRocky
Fixed in:0:2.0.10-2.redhat_00002.1.ep7.el7RHSA-2025:4226
Fixed in:0:2.0.10-2.redhat_00002.1.ep7.el7RHSA-2025:4226

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

1.38%probability of exploitation in 30 days
69thpercentile

Moderate risk: more likely to be exploited than 69% of all known CVEs.

References

Related Vulnerabilities

Other CWE-400 (Resource Exhaustion) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-44487High7.5100%KEVFix
CVE-2021-44228Critical10.0100%KEV + RansomFix
CVE-2011-3192High7.899%-Fix
CVE-2019-11478Medium5.395%-Fix
CVE-2024-25617Medium5.389%-Fix
CVE-2018-1000115High7.589%-Fix
Embed a live status badge for CVE-2021-3690
CVE-2021-3690 severity badge

Markdown

[![CVE-2021-3690](https://tridentstack.com/cve/badge/CVE-2021-3690.svg)](https://tridentstack.com/cve/CVE-2021-3690)

HTML

<a href="https://tridentstack.com/cve/CVE-2021-3690"><img src="https://tridentstack.com/cve/badge/CVE-2021-3690.svg" alt="CVE-2021-3690"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.