CRITICAL🇬🇧 English

CVE-2020-11050

CVSS 9.0v3.1pub. 2020-05-07upd. 2024-11-21

In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Java Websocket Project Java Websocket

    APP
    Java-Websocket Project
    ≤ 1.4.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje