CVE-2017-1000209
The CVE-2017-1000209 entry concerns the Java WebSocket client nv-websocket-client, which fails to verify that the server hostname matches the CN or subjectAltName in the server’s X.509 certificate. This allows potential MITM exploitation through arbitrary valid certificates. The connected records...