2734 matches found
Design/Logic Flaw
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted SSLv2Hello message...
CVE-2014-3488
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted SSLv2Hello message...
CVE-2014-3488
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted SSLv2Hello message...
CVE-2014-3488
Netty CVE-2014-3488: The SslHandler in Netty before 3.9.2 is vulnerable to a remote DoS via a crafted SSLv2Hello message that can cause an infinite loop and high CPU usage. Affected are Netty 3.9.x predecessors up to 3.9.2. Remediation: upgrade to Netty 3.9.2.Final or later (as noted in advisorie...
CVE-2014-3488
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted SSLv2Hello message...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
CVE-2014-0193
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service memory consumption via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...
CVE-2014-0193
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service memory consumption via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...
Design/Logic Flaw
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service memory consumption via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...
UBUNTU-CVE-2014-0193
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service memory consumption via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...
CVE-2014-0193
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service memory consumption via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...
CVE-2014-0193
CVE-2014-0193 is a Netty WebSocket DoS vulnerability. The WebSocket08FrameDecoder in Netty versions 3.6.x (before 3.6.9), 3.7.x (before 3.7.1), 3.8.x (before 3.8.2), 3.9.x (before 3.9.1), and 4.0.x (before 4.0.19) can be triggered by sending a TextWebSocketFrame followed by a long stream of Conti...
CVE-2014-0193
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service memory consumption via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...
PT-2014-3528 · Netty · Netty
Name of the Vulnerable Software and Affected Versions: Netty versions 3.6.x through 3.6.8 Netty versions 3.7.x through 3.7.0 Netty versions 3.8.x through 3.8.1 Netty versions 3.9.x through 3.9.0 Netty versions 4.0.x through 4.0.18 Description: The issue allows remote attackers to cause a denial o...