7.8
CVSSv3

CVE-2014-3488

CVSSv4: NA | CVSSv3: 7.8 | CVSSv2: 5 | VMScore: 600 | EPSS: 0.0118 | KEV: Not Included
Published: 31/07/2014 Updated: 21/11/2024

Vulnerability Summary

The SslHandler in Netty prior to 3.9.2 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

netty netty

netty netty 3.6.0

netty netty 3.6.1

netty netty 3.6.2

netty netty 3.6.3

netty netty 3.6.4

netty netty 3.6.5

netty netty 3.6.6

netty netty 3.6.7

netty netty 3.6.8

netty netty 3.7.0

netty netty 3.8.0

netty netty 3.8.1

netty netty 3.9.0

netty netty 3.9.1

Vendor Advisories

The SslHandler in Netty before 392 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message ...

Github Repositories

Enforced Super POM for build stable artifacts

Super-POM 超级POM项目 用于在项目上定义约束,以满足项目稳定、安全构建投产。 背景使用Maven Enforcer Plugin提升构建稳定性。 基于Maven Enforcer Plugin构建的约束规则。 禁止引入冲突的依赖 约束多模块项目 其他经典约定:编码、运行时版本等 依赖管理最佳实践(可选) 重复类检测 禁止循环依