CVE-2021-30129: Missing Release of Resource after Effective Lifetime

August 2, 2021

A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0

References

github.com/advisories/GHSA-9279-7hph-r3xw
nvd.nist.gov/vuln/detail/CVE-2021-30129

Code Behaviors & Features

Detect and mitigate CVE-2021-30129 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →