VYPR

Maven package

ca.juliusdavies/not-yet-commons-ssl

pkg:maven/ca.juliusdavies/not-yet-commons-ssl

Vulnerabilities (1)

  • CVE-2014-3604Oct 25, 2014
    affected < 0.3.15fixed 0.3.15

    Certificates.java in Not Yet Commons SSL before 0.3.15 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid ce