Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Apache MINA SSLFilter security Issue
Vulnerability Description
Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This issue affects: Apache MINA.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache MINA 安全漏洞
Vulnerability Description
Apache MINA是美国阿帕奇(Apache)软件基金会的一款网络应用程序框架。该产品主要用于开发高性能和高可伸缩性的网络应用程序。 Apache MINA 2.0.20版本和2.1.0版本中存在安全漏洞,该漏洞源于SSLFilter没有正确处理close_notify SSL / TLS消息。攻击者可利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A