Lucene search
K

5 matches found

NVD
NVD
added 2019/10/01 8:15 p.m.30 views

CVE-2019-0231

Handling of the closenotify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This...

7.5CVSS7.5AI score0.02201EPSS
Exploits0References1
CVE
CVE
added 2019/10/01 7:39 p.m.214 views

CVE-2019-0231

CVE-2019-0231 affects Apache MINA: handling of the TLS close_notify does not close the underlying connection, leaving the socket open and potentially allowing the client to receive cleartext data after termination. The vulnerability is documented across multiple sources, including IBM and GHSA re...

7.5CVSS7.4AI score0.02201EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2019/10/01 7:39 p.m.11 views

CVE-2019-0231

Handling of the closenotify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This...

7.5CVSS6.6AI score0.02201EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2019/10/01 12:0 a.m.5 views

PT-2019-11202

Name of the Vulnerable Software and Affected Versions: Apache MINA versions prior to 2.0.21 Apache MINA versions 2.1.0 Description: The issue arises from the handling of the close notify SSL/TLS message, which does not result in a connection closure. As a consequence, the server retains the opene...

7.8CVSS6.8AI score0.02201EPSS
Exploits0References15
Veracode
Veracode
added 2019/04/15 1:36 a.m.23 views

Information Disclosure

apache MINA is vulnerable to information disclosure. closenotify SSL/TLS messages are not handled properly and does not lead to a connection closure. This causes the server to keep the socket open, allowing the client to potentially receive clear-text messages that should have been encrypted...

7.5CVSS7.2AI score0.02201EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder