UBUNTU-CVE-2014-0193

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2014-0193

Published: 06 May 2014, 14:55

Last modified:16 Jul 2025, 07:17

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 May 2014, 14:55

Published

Vulnerability first disclosed

16 Jul 2025, 07:17

Last Modified

Vulnerability information updated

Description

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames.

Affected Systems

ubuntu•netty
< 1:4.0.34-1 | < 1:4.1.7-4

References (3)

https://ubuntu.com/security/CVE-2014-0193
http://netty.io/news/2014/04/30/release-day.html
https://www.cve.org/CVERecord?id=CVE-2014-0193