Vulnerability	Vulnerable Version
H Missing Release of Resource after Effective Lifetime Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime through improper handling of TLV length in the `readNextTLV` function. An attacker can cause resource exhaustion and denial of service by sending a specially crafted HAProxy protocol message with a TLV length below the required minimum, leading to an unreleased retained slice and eventual memory leak. How to fix Missing Release of Resource after Effective Lifetime? Upgrade `io.netty:netty-codec-haproxy` to version 4.1.135.Final, 4.2.15.Final or higher.	[,4.1.135.Final)[4.2.0.Final,4.2.15.Final)

Missing Release of Resource after Effective Lifetime

Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime through improper handling of TLV length in the readNextTLV function. An attacker can cause resource exhaustion and denial of service by sending a specially crafted HAProxy protocol message with a TLV length below the required minimum, leading to an unreleased retained slice and eventual memory leak.

How to fix Missing Release of Resource after Effective Lifetime?

Upgrade io.netty:netty-codec-haproxy to version 4.1.135.Final, 4.2.15.Final or higher.

[,4.1.135.Final)[4.2.0.Final,4.2.15.Final)

Go back to all versions of this package