CVE-2014-3488
UNKNOWN
Published 2014-07-31T14:00:00
Actions:
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2014-3488. We'll provide specific mitigation strategies based on your environment and risk profile.
No CVSS data available
Description
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.
Affected Packages
Maven
io.netty:netty-handler
ECOSYSTEM:
≥0
<3.9.2
CVSS Scoring
CVSS Score
5.0
References
PACKAGE
https://github.com/netty/netty
Advisory provided by GitHub Security Advisory Database. Published: June 30, 2020, Modified: September 22, 2021
References
HackerOne Reports
xanbanx
GitLab
Improper Access Control - Generic
Published: 2014-07-31T14:00:00
Last Modified: 2024-08-06T10:43:06.356Z
Copied to clipboard!