CVE-2020-11050

Summary

In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0.

Affected Software

VendorProductVersion RangeStatus
TooTallNateJava-WebSocket<= 1.4.1affected

Weaknesses

  • CWE-297: CWE-297: Improper Validation of Certificate with Host Mismatch

ADP Enrichment

CVE Program Container

Additional References

References