VDB

RHSA-2021%3A2920

RHSA-2021%3A2920 PUBLISHED CVSS 7.5 HIGH

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatcontainer-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64 as a component of CNV 4.8 for RHEL 8container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64

Timeline

  • Jul 28, 2021 CVE Published
  • Apr 30, 2026 CVE Updated
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›