5 matches found
CVE-2019-0231
Handling of the closenotify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This...
CVE-2019-0231
CVE-2019-0231 affects Apache MINA: handling of the TLS close_notify does not close the underlying connection, leaving the socket open and potentially allowing the client to receive cleartext data after termination. The vulnerability is documented across multiple sources, including IBM and GHSA re...
CVE-2019-0231
Handling of the closenotify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This...
PT-2019-11202
Name of the Vulnerable Software and Affected Versions: Apache MINA versions prior to 2.0.21 Apache MINA versions 2.1.0 Description: The issue arises from the handling of the close notify SSL/TLS message, which does not result in a connection closure. As a consequence, the server retains the opene...
Information Disclosure
apache MINA is vulnerable to information disclosure. closenotify SSL/TLS messages are not handled properly and does not lead to a connection closure. This causes the server to keep the socket open, allowing the client to potentially receive clear-text messages that should have been encrypted...