VYPR
Moderate severityNVD Advisory· Published May 6, 2014· Updated Jun 17, 2026

CVE-2014-0193

CVE-2014-0193

Description

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.netty:nettyMaven
>= 3.6.0.Beta1, < 3.6.9.Final3.6.9.Final
io.netty:nettyMaven
>= 3.7.0.Final, < 3.7.1.Final3.7.1.Final
io.netty:nettyMaven
>= 3.8.0.Final, < 3.8.2.Final3.8.2.Final
io.netty:nettyMaven
>= 3.9.0.Final, < 3.9.1.Final3.9.1.Final
io.netty:nettyMaven
>= 4.0.0.Alpha1, < 4.0.19.Final4.0.19.Final
io.netty:netty-allMaven
>= 4.0.0.Alpha1, < 4.0.19.Final4.0.19.Final

Affected products

34
  • Netty/Netty32 versions
    cpe:2.3:a:netty:netty:3.6.0:*:*:*:*:*:*:*+ 31 more
    • cpe:2.3:a:netty:netty:3.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.18:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:4.0.9:*:*:*:*:*:*:*
  • ghsa-coords2 versions
    >= 3.6.0.Beta1, < 3.6.9.Final+ 1 more
    • (no CPE)range: >= 3.6.0.Beta1, < 3.6.9.Final
    • (no CPE)range: >= 4.0.0.Alpha1, < 4.0.19.Final

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.