{"id":"CVE-2021-30129","details":"A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0","aliases":["GHSA-9279-7hph-r3xw"],"modified":"2026-05-08T04:46:01.060124Z","published":"2021-07-12T12:15:07.783Z","database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:a:oracle:banking_payments:14.5:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.5"}]},{"cpe":"cpe:2.3:a:oracle:banking_trade_finance:14.5:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.5"}]},{"cpe":"cpe:2.3:a:oracle:banking_treasury_management:14.5:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.5"}]},{"cpe":"cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"1.9.0"}]},{"cpe":"cpe:2.3:a:oracle:flexcube_universal_banking:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"14.0.0"},{"last_affected":"14.3.0"}]},{"cpe":"cpe:2.3:a:oracle:flexcube_universal_banking:14.5:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.5"}]},{"cpe":"cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.3.0:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"12.2.1.3.0"}]},{"cpe":"cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"12.2.1.4.0"}]},{"cpe":"cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.1.0.0"}]},{"cpe":"cpe:2.3:a:oracle:oss_support_tools:2.12.42:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"2.12.42"}]},{"cpe":"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"18.0"}]},{"cpe":"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"19.0"}]}]},"references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/red01829efa2a8c893c4baff4f23c9312bd938543a9b8658e172b853b%40%3Cannounce.apache.org%3E"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/07/12/1"},{"type":"ADVISORY","url":"https://lists.apache.org/thread.html/r6d4f78e192a0c8eabd671a018da464024642980ecd24096bde6db36f%40%3Cusers.mina.apache.org%3E"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuapr2022.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/mina-sshd","events":[{"introduced":"3d614500b27f2e587a38a59dff1aa56013672a99"},{"fixed":"2772c7c8f6afb8c53546ca803501f52118bd0491"}],"database_specific":{"cpe":"cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"2.0.0"},{"fixed":"2.7.0"}]}}],"versions":["sshd-2.0.0","sshd-2.1.0","sshd-2.2.0","sshd-2.3.0","sshd-2.4.0","sshd-2.5.0","sshd-2.5.1","sshd-2.6.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-30129.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}