Oval Definition:oval:org.opensuse.security:def:202142340
Revision Date:2022-09-02Version:1
Title:CVE-2021-42340
Description:

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-42340
SUSE CVE-2021-42340
Platform(s):SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • Release Information
  • SUSE CaaS Platform 4.0 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND tomcat is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-3_1-api is not affected
  • OR tomcat-webapps is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND tomcat is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-3_1-api is not affected
  • OR tomcat-webapps is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-3_1-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Enterprise Storage 6 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND tomcat is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • BACK