nv-websocket-client is vulnerable to man-in-the-middle (MitM) attacks. The library accepts a trusted certificate issued to domain A when connecting to domain B, allowing a malicious user to conduct a man-in-the-middle attack.
CPE | Name | Operator | Version |
---|---|---|---|
nv-websocket-client | eq | 2.0 | |
nv-websocket-client | le | 1.31 |