CVE-2019-0231
N/A
N/A
Summary
Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This issue affects: Apache MINA.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apache Software Foundation | Apache MINA | Apache MINA 2.1 2.1.0 | affected |
| Apache Software Foundation | Apache MINA | Apache MINA 2.0 2.0.21 | affected |
Weaknesses
- SSLFilter security Issue
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.