VYPR

Nv Websocket Client

by Nv Websocket Client Project

Source repositories

CVEs (1)

  • CVE-2017-1000209MedNov 17, 2017
    risk 0.38cvss 5.9epss 0.01

    The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL/TLS servers via an arbitrary…