io.vertx:vertx-core@4.4.6 vulnerabilities
-
latest version
4.5.7
-
latest non vulnerable version
-
first published
11 years ago
-
latest version published
a month ago
-
licenses detected
- (Apache-2.0 OR EPL-1.0)[3.0.0-milestone2,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the io.vertx:vertx-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
io.vertx:vertx-core is a tool-kit for building reactive applications on the JVM. Affected versions of this package are vulnerable to Resource Exhaustion due to erroneous caching in the server name map, for TCP servers configured with TLS and SNI support. This allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error. Note: This affects only TLS servers with SNI enabled. How to fix Resource Exhaustion? Upgrade |
[4.3.4,4.4.8)
[4.5.0,4.5.3)
|
io.vertx:vertx-core is a tool-kit for building reactive applications on the JVM. Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper management of Netty How to fix Denial of Service (DoS)? Upgrade |
[4.4.5,4.4.7)
[4.5.0,4.5.2)
|