In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater.
                
            References
                    | Link | Resource | 
|---|---|
| http://www.openwall.com/lists/oss-security/2021/11/01/2 | Mailing List Patch Third Party Advisory | 
| http://www.openwall.com/lists/oss-security/2021/11/01/8 | Mailing List Third Party Advisory | 
| https://lists.apache.org/thread.html/r0b907da9340d5ff4e6c1a4798ef4e79700a668657f27cca8a39e9250%40%3Cdev.mina.apache.org%3E | Mailing List Patch Vendor Advisory | 
| https://www.oracle.com/security-alerts/cpuapr2022.html | Patch Third Party Advisory | 
| http://www.openwall.com/lists/oss-security/2021/11/01/2 | Mailing List Patch Third Party Advisory | 
| http://www.openwall.com/lists/oss-security/2021/11/01/8 | Mailing List Third Party Advisory | 
| https://lists.apache.org/thread.html/r0b907da9340d5ff4e6c1a4798ef4e79700a668657f27cca8a39e9250%40%3Cdev.mina.apache.org%3E | Mailing List Patch Vendor Advisory | 
| https://www.oracle.com/security-alerts/cpuapr2022.html | Patch Third Party Advisory | 
Configurations
                    Configuration 1 (hide)
| 
 | 
Configuration 2 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2021-11-01 09:15
Updated : 2024-11-21 06:27
NVD link : CVE-2021-41973
Mitre link : CVE-2021-41973
CVE.ORG link : CVE-2021-41973
JSON object : View
Products Affected
                apache
- mina
oracle
- banking_trade_finance_process_management
- banking_treasury_management
- banking_payments
- customer_management_and_segmentation_foundation
- flexcube_universal_banking
- fusion_middleware_common_libraries_and_tools
- oss_support_tools
- communications_cloud_native_core_console
CWE
                
                    
                        
                        CWE-835
                        
            Loop with Unreachable Exit Condition ('Infinite Loop')
