0.002 Low
EPSS
Percentile
51.5%
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0.
bugzilla.redhat.com/show_bug.cgi?id=1835363
nvd.nist.gov/vuln/detail/CVE-2020-11050
www.cve.org/CVERecord?id=CVE-2020-11050