CVE-2014-3607
CVE-2014-3607 affects Ldaptive (formerly vt-ldap) and its DefaultHostnameVerifier, which fails to ensure the server hostname matches a domain name in the X.509 certificate’s CN. This allows remote attackers to perform a MITM spoofing attack by using an arbitrary valid certificate. The issue is ob...