CVE-2021-21290
Published at:
-
08-02-2021 09:15
Last modified:
-
12-05-2022 04:33
Total changes:
-
23
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Local
Attack vector
None
Availability
High
Confidentiality
None
Integrity
Low
Privileges required
Unchanged
Scope
None
User interaction
5.5
Base score
1.8
3.6
Exploitability score
Impact score
Verification logic
Reference
- https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2
- https://github.com/netty/netty/commit/c735357bf29d07856ad171c6611a2e1a0e0000ec
- [debian-lts-announce] 20210211 [SECURITY] [DLA 2555-1] netty security update-Mailing List, Third Party Advisory
- [kafka-jira] 20210301 [jira] [Created] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Patch, Third Party Advisory
- [kafka-dev] 20210301 [jira] [Created] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Patch, Third Party Advisory
- [kafka-jira] 20210301 [GitHub] [kafka] dongjinleekr opened a new pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Third Party Advisory
- [kafka-jira] 20210301 [jira] [Assigned] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Third Party Advisory
- [kafka-jira] 20210301 [GitHub] [kafka] dongjinleekr commented on pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Patch, Third Party Advisory
- [kafka-jira] 20210302 [GitHub] [kafka] omkreddy closed pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Third Party Advisory
- [kafka-commits] 20210302 [kafka] branch 2.7 updated: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Third Party Advisory
- [kafka-jira] 20210302 [jira] [Resolved] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Third Party Advisory
- [kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Third Party Advisory
- [kafka-dev] 20210302 [jira] [Resolved] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Third Party Advisory
- [kafka-commits] 20210302 [kafka] branch 2.6 updated: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290-Mailing List, Third Party Advisory
- https://lists.apache.org/thread.html/r0053443ce19ff125981559f8c51cf66e3ab4350f47812b8cf0733a05@%3Cdev.kafka.apache.org%3E
- [zookeeper-dev] 20210311 [jira] [Created] (ZOOKEEPER-4242) Upgrade Netty library to > 4.1.59 due to security vulnerability-Mailing List, Third Party Advisory
- [zookeeper-issues] 20210311 [jira] [Created] (ZOOKEEPER-4242) Upgrade Netty library to > 4.1.59 due to security vulnerability-Mailing List, Third Party Advisory
- [tinkerpop-dev] 20210316 [jira] [Created] (TINKERPOP-2535) Netty 4.1.52 flagged as medium security violation-Mailing List, Third Party Advisory
- [ranger-dev] 20210317 [jira] [Created] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295-Mailing List, Third Party Advisory
- [ranger-dev] 20210317 [jira] [Assigned] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295-Mailing List, Third Party Advisory
- [pulsar-commits] 20210329 [GitHub] [pulsar] yaswanthnadella opened a new issue #10071: CVE-2021-21295 & CVE-2021-21290-Mailing List, Third Party Advisory
- [pulsar-commits] 20210329 [GitHub] [pulsar] aahmed-se opened a new pull request #10073: Upgrade Netty version to 4.1.60.final-Mailing List, Third Party Advisory
- [pulsar-commits] 20210329 [GitHub] [pulsar] merlimat closed issue #10071: CVE-2021-21295 & CVE-2021-21290-Mailing List, Third Party Advisory
- [bookkeeper-issues] 20210330 [GitHub] [bookkeeper] eolivelli opened a new issue #2669: Update Netty to 4.1.60.final-Mailing List, Third Party Advisory
- [kafka-jira] 20210330 [jira] [Updated] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295-Mailing List, Third Party Advisory
- [zookeeper-issues] 20210330 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295-Mailing List, Third Party Advisory
- [zookeeper-issues] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295-Mailing List, Third Party Advisory
- [kafka-jira] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295-Mailing List, Third Party Advisory
- [zookeeper-dev] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295-Mailing List, Third Party Advisory
- [kafka-dev] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295-Mailing List, Third Party Advisory
- [zookeeper-issues] 20210402 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295-Mailing List, Third Party Advisory
- DSA-4885-Third Party Advisory
- https://www.oracle.com/security-alerts/cpuApr2021.html
- [activemq-users] 20210715 Next ActiveMQ Artemis Release - CVE-2021-21290 vulnerability-Mailing List, Third Party Advisory
- N/A-Third Party Advisory
- https://www.oracle.com/security-alerts/cpuoct2021.html
- [pulsar-commits] 20211020 [GitHub] [pulsar] Shoothzj opened a new pull request #12437: [Security] Bump grpc to 1.41.0-Mailing List, Third Party Advisory
- https://security.netapp.com/advisory/ntap-20220210-0011/
- https://www.oracle.com/security-alerts/cpuapr2022.html
Keywords