How severe is CVE-2021-43980?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2021-43980?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2021-43980 - LOW Severity | CVSS 3.7

Vulnerability Description

The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client.

Related Vulnerabilities

CVE-2011-1075

LOW

CVSS:3.7(Low)

FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes have been made before copying the new version in. In particular, it uses the MD5File() function, wh...

CWE-3622011

CVE-2018-3759

LOW

CVSS:3.7(Low)

private_address_check ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. DNS entries with a TTL of 0 can t...

CWE-3622018

CVE-2020-11810

LOW

CVSS:3.7(Low)

An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arriv...

CWE-3622020

CVE-2020-27746

LOW

CVSS:3.7(Low)

Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc...

CWE-3622020

CVE-2021-36994

LOW

CVSS:3.7(Low)

There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions w...

CWE-3622021

CVE-2021-37073

LOW

CVSS:3.7(Low)

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with.

CWE-3622021