apache MINA is vulnerable to information disclosure. close_notify
SSL/TLS messages are not handled properly and does not lead to a connection closure. This causes the server to keep the socket open, allowing the client to potentially receive clear-text messages that should have been encrypted.