CVE-2020-11050
9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| TooTallNate | Java-WebSocket | <= 1.4.1 | affected |
Weaknesses
- CWE-297: CWE-297: Improper Validation of Certificate with Host Mismatch
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.