Published: 31/07/2014 Updated: 19/02/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The SslHandler in Netty prior to 3.9.2 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netty netty 3.8.1
netty netty 3.8.0
netty netty 3.7.0
netty netty 3.6.8
netty netty
netty netty 3.9.0
netty netty 3.6.7
netty netty 3.6.5
netty netty 3.6.3
netty netty 3.6.2
netty netty 3.6.1
netty netty 3.6.0
netty netty 3.9.1
netty netty 3.6.6
netty netty 3.6.4

The SslHandler in Netty before 392 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message ...

Enforced Super POM for build stable artifacts

Super-POM 超级POM项目用于在项目上定义约束，以满足项目稳定、安全构建投产。背景使用Maven Enforcer Plugin提升构建稳定性。基于Maven Enforcer Plugin构建的约束规则。禁止引入冲突的依赖约束多模块项目其他经典约定：编码、运行时版本等依赖管理最佳实践(可选) 重复类检测禁止循环依

CWE-119 http://netty.io/news/2014/06/11/3-9-2-Final.html https://github.com/netty/netty/commit/2fa9400a59d0563a66908aba55c41e7285a04994 https://github.com/netty/netty/issues/2562 http://secunia.com/advisories/59196 https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html https://nvd.nist.gov https://github.com/ian4hu/super-pom https://access.redhat.com/security/cve/cve-2014-3488

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3488

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect