VYPR

Server Java SDK

by Couchbase

CVEs (1)

  • CVE-2020-9040HigJun 8, 2020
    risk 0.49cvss 7.5epss 0.01

    Couchbase Server Java SDK before 2.7.1.1 allows a potential attacker to forge an SSL certificate and pose as the intended peer. An attacker can leverage this flaw by crafting a cryptographically valid certificate that will be accepted by Java SDK's Netty component due to missing…