{"id":"CVE-2021-4213","details":"A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.","modified":"2026-03-10T23:49:05.316687Z","published":"2022-08-24T16:15:09.980Z","related":["ALSA-2022:1851"],"references":[{"type":"WEB"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2021-4213"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2021-4213"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2042900"},{"type":"FIX","url":"https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2"},{"type":"FIX","url":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dogtagpki/jss","events":[{"introduced":"0"},{"fixed":"99b32c3515304a2053fe03bd460a2e11ecc6872f"},{"introduced":"21af2aaec9e8948019e5189fa3fa5d2417f9eafa"},{"fixed":"6472faa92930120fff9d350d04343a5a8fbc9d91"},{"fixed":"3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2"},{"fixed":"5922560a78d0dee61af8a33cc9cfbf4cfa291448"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.9.3"},{"introduced":"5.0.0"},{"fixed":"5.1.0"}]}}],"versions":["v5.0.0","v5.1.0-alpha1","v5.1.0-alpha2"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","source":"https://github.com/dogtagpki/jss/commit/6472faa92930120fff9d350d04343a5a8fbc9d91","deprecated":false,"id":"CVE-2021-4213-08178e16","target":{"file":"src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"},"digest":{"line_hashes":["37432704366700311483301766886398557852","294858725942001584942105130223247473799","60006491667414592306235336524934132073","100836594654931845128508451801298076821","326853062492569989422745553414016718497","190767088664547324683593368630807189480","198854810990081849766030138853555691566","151635163410598877725097489288426482454"],"threshold":0.9},"signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/dogtagpki/jss/commit/6472faa92930120fff9d350d04343a5a8fbc9d91","deprecated":false,"id":"CVE-2021-4213-15e35920","target":{"function":"checkSSLAlerts","file":"src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"},"digest":{"length":1302,"function_hash":"219749423068332797498153345312605903130"},"signature_type":"Function"},{"signature_version":"v1","source":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","deprecated":false,"id":"CVE-2021-4213-1e6e0e4e","target":{"function":"cleanupSSLFD","file":"src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"},"digest":{"length":444,"function_hash":"53900283518551809885924419871545033797"},"signature_type":"Function"},{"signature_version":"v1","source":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","deprecated":false,"id":"CVE-2021-4213-319b8b37","target":{"function":"releaseNativeResources","file":"src/main/java/org/mozilla/jss/nss/SSLFDProxy.java"},"digest":{"length":165,"function_hash":"156225052922560045367427690358805773123"},"signature_type":"Function"},{"signature_version":"v1","source":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","deprecated":false,"id":"CVE-2021-4213-82ef5c48","target":{"file":"src/main/java/org/mozilla/jss/nss/SSLFDProxy.java"},"digest":{"line_hashes":["70414584937688691418959387837383639088","184380057306289880382970560034723865336","289180661143112163918906210432224844254","260711449837960221625440174471868579663","147265512721861978994190199797215748843","10196732133123374531843117410672514415","299482203258699554369622827932554896111","205640474597147053195859000299904183990","297443378685805027606782421161262206014","103672784752009183058197262856681291262","100604562822771284684289016573000961557","108587633537507210242609878158511307392"],"threshold":0.9},"signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","deprecated":false,"id":"CVE-2021-4213-abf7b8ab","target":{"file":"src/main/java/org/mozilla/jss/util/GlobalRefProxy.java"},"digest":{"line_hashes":["148430987734620631526867309489734105335","136551681666045459290051962843935282635","271516098814979977888817798041242170439","55404809171744665335595296731884407523"],"threshold":0.9},"signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2","deprecated":false,"id":"CVE-2021-4213-d8a842c2","target":{"function":"checkSSLAlerts","file":"src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"},"digest":{"length":1302,"function_hash":"219749423068332797498153345312605903130"},"signature_type":"Function"},{"signature_version":"v1","source":"https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2","deprecated":false,"id":"CVE-2021-4213-f41a1a61","target":{"file":"src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"},"digest":{"line_hashes":["37432704366700311483301766886398557852","294858725942001584942105130223247473799","60006491667414592306235336524934132073","100836594654931845128508451801298076821","326853062492569989422745553414016718497","190767088664547324683593368630807189480","198854810990081849766030138853555691566","151635163410598877725097489288426482454"],"threshold":0.9},"signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","deprecated":false,"id":"CVE-2021-4213-f552131f","target":{"file":"src/main/java/org/mozilla/jss/ssl/javax/JSSEngineReferenceImpl.java"},"digest":{"line_hashes":["203692485456295385397758516792272558075","16191805119952505393581590119351600524","49939681293512275685100863593396623991","253875525362253716144048744726692625250","289124356721616494175359873477054604907","72534848300577167057492073107428433662","243432235600768492575099973824243956780","26524115824917176634157549856519774790","335486120791894628648788999364448710616","257556877707185846372730833220240311335","77227145818541382172210577852980687646","125546490764732189946148779822259188972","162024439652882201799859336716404027896","303906379920496623012138155819742482134","324469498220904681607458504736737127332","150627077577791991003551644809907184063","244116941531702325687997541856182447210","314984313646827669005302199914587703232","228398403339612311472317892733370025702","229887134261204045962845918494914263950","289364554913352539270557840493695808202","242691874994251331260525114288807794775"],"threshold":0.9},"signature_type":"Line"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4213.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]}]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}