VYPR
Moderate severityNVD Advisory· Published Jul 31, 2014· Updated Jun 17, 2026

CVE-2014-3488

CVE-2014-3488

Description

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.netty:netty-handlerMaven
< 3.9.23.9.2

Affected products

16
  • Netty/Netty15 versions
    cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*range: <=3.9.1.1
    • cpe:2.3:a:netty:netty:3.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netty:netty:3.9.1:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 3.9.2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.