{"api_version":"1","generated_at":"2026-04-23T01:32:14+00:00","cve":"CVE-2021-4213","urls":{"html":"https://cve.report/CVE-2021-4213","api":"https://cve.report/api/cve/CVE-2021-4213.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-4213","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-4213"},"summary":{"title":"CVE-2021-4213","description":"A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2022-08-24 16:15:00","updated_at":"2022-08-29 13:19:00"},"problem_types":["CWE-401"],"metrics":[],"references":[{"url":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","name":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","refsource":"MISC","tags":[],"title":"Fix memory leak on each TLS connection · dogtagpki/jss@5922560 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security-tracker.debian.org/tracker/CVE-2021-4213","name":"https://security-tracker.debian.org/tracker/CVE-2021-4213","refsource":"MISC","tags":[],"title":"CVE-2021-4213","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2042900","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2042900","refsource":"MISC","tags":[],"title":"2042900 – (CVE-2021-4213) CVE-2021-4213 JSS: memory leak in TLS connection leads to OOM","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2","name":"https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2","refsource":"MISC","tags":[],"title":"Additional fix for TLS connection I missed from original patch · dogtagpki/jss@3aabe0e · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/security/cve/CVE-2021-4213","name":"https://access.redhat.com/security/cve/CVE-2021-4213","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-4213","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-4213","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"4213","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4213","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4213","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dogtagpki","cpe5":"network_security_services_for_java","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4213","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-4213","qid":"159837","title":"Oracle Enterprise Linux Security Update for pki-core:10.6 (ELSA-2022-1851)"},{"cve":"CVE-2021-4213","qid":"182303","title":"Debian Security Update for jss (CVE-2021-4213)"},{"cve":"CVE-2021-4213","qid":"240289","title":"Red Hat Update for pki-core:10.6 (RHSA-2022:1851)"},{"cve":"CVE-2021-4213","qid":"940497","title":"AlmaLinux Security Update for pki-core:10.6 (ALSA-2022:1851)"},{"cve":"CVE-2021-4213","qid":"960436","title":"Rocky Linux Security Update for pki-core:10.6 (RLSA-2022:1851)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-4213","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"JSS","version":{"version_data":[{"version_value":"Fixed in v5.2.0-beta1"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-401 - Missing Release of Memory after Effective Lifetime"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2042900","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2042900"},{"refsource":"MISC","name":"https://access.redhat.com/security/cve/CVE-2021-4213","url":"https://access.redhat.com/security/cve/CVE-2021-4213"},{"refsource":"MISC","name":"https://security-tracker.debian.org/tracker/CVE-2021-4213","url":"https://security-tracker.debian.org/tracker/CVE-2021-4213"},{"refsource":"MISC","name":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","url":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448"},{"refsource":"MISC","name":"https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2","url":"https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2"}]},"description":{"description_data":[{"lang":"eng","value":"A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service."}]}},"nvd":{"publishedDate":"2022-08-24 16:15:00","lastModifiedDate":"2022-08-29 13:19:00","problem_types":["CWE-401"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dogtagpki:network_security_services_for_java:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.1.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dogtagpki:network_security_services_for_java:*:*:*:*:*:*:*:*","versionEndExcluding":"4.9.3","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"4213","Ordinal":"227013","Title":"CVE-2021-4213","CVE":"CVE-2021-4213","Year":"2021"},"notes":[]}}}