GHSA-9959-6p3m-wxpc
Suggest an improvement- Source
- https://github.com/advisories/GHSA-9959-6p3m-wxpc
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/06/GHSA-9959-6p3m-wxpc/GHSA-9959-6p3m-wxpc.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-9959-6p3m-wxpc
- Aliases
-
- CVE-2014-3488
- Published
- 2020-06-30T21:01:31Z
- Modified
- 2023-11-08T03:57:37.697735Z
- Summary
- Denial of service in Netty
- Details
-
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.
- Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-119" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2020-06-30T20:50:42Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2014-3488
- https://github.com/netty/netty/issues/2562
- https://github.com/netty/netty/commit/2fa9400a59d0563a66908aba55c41e7285a04994
- https://github.com/netty/netty
- https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSNETTY-31630
- http://netty.io/news/2014/06/11/3-9-2-Final.html
- http://secunia.com/advisories/59196
Affected packages
Maven / io.netty:netty-handler
Package
- Name
- io.netty:netty-handler
- View open source insights on deps.dev
- Purl
- pkg:maven/io.netty/netty-handler