AIKIDO-2024-10336
http-server is vulnerable to Selection of Less-Secure Algorithm During Negotiation
25
Low
http-server java
AIKIDO-2024-10336: http-server is vulnerable to Selection of Less-Secure Algorithm During Negotiation in versions 200 - 274.
Selection of Less-Secure Algorithm During Negotiation
Vuln in 200 - 274
Fixed in 275
No CVE available
TL;DR
Affected versions of the package are vulnerable to a TLS renegotiation attack.
Who does this affect?
You're affected if you are using a version which is within vulnerability ranges.
How can it be fixed?
Upgrade http-server library to patch version.
Background info
Are you
to these issues?
Connect your GitHub, GitLab, Bitbucket or Azure DevOps account to start scanning your repos for free.
Start For FreeYour data won't be shared · Read-only access
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US