subhash c created CXF-8031:
------------------------------
Summary: CVE-2019-0231 - Vulnerability in Apache MINA
Key: CXF-8031
URL: https://issues.apache.org/jira/browse/CXF-8031
Project: CXF
Issue Type: Bug
Affects Versions: 3.3.1
Environment: **
Reporter: subhash c
Below vulnerability had reported on mina-core api.
*CVE-2019-0231* - '_Handling of the close_notify SSL/TLS message does not lead
to a connection closure, leading the server to retain the socket opened and to
have the client potentially receive clear-text messages which were supposed to
be encrypted._'
This have an impact on '*cxf-rt-transports-udp*' as it is dependent on
mina-core. The dependency should be updated to 2.0.21 or 2.1.1/later.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
