Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
17 Apr 2019
14 Apr 2019
How to fix?
org.apache.mina:mina-core to version 2.0.21, 2.1.1 or higher.
org.apache.mina:mina-core is a network application framework which helps users develop high performance and high scalability network applications easily.
Affected versions of this package are vulnerable to Information Exposure. Handling of the
close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear-text messages which were supposed to be encrypted.