CVE-2020-11050
Published
CVSS v3
9
CRITICAL
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0.
A barebones WebSocket client and server implementation written in 100% Java.
GitHub