{"containers":{"cna":{"affected":[{"product":"Java-WebSocket","vendor":"TooTallNate","versions":[{"status":"affected","version":"<= 1.4.1"}]}],"descriptions":[{"lang":"en","value":"In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-297","description":"CWE-297: Improper Validation of Certificate with Host Mismatch","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-05-07T20:15:12.000Z","orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/TooTallNate/Java-WebSocket/security/advisories/GHSA-gw55-jm4h-x339"}],"source":{"advisory":"GHSA-gw55-jm4h-x339","discovery":"UNKNOWN"},"title":"Improper Validation of Certificate with Host Mismatch in Java-WebSocket","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security-advisories@github.com","ID":"CVE-2020-11050","STATE":"PUBLIC","TITLE":"Improper Validation of Certificate with Host Mismatch in Java-WebSocket"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Java-WebSocket","version":{"version_data":[{"version_value":"<= 1.4.1"}]}}]},"vendor_name":"TooTallNate"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0."}]},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-297: Improper Validation of Certificate with Host Mismatch"}]}]},"references":{"reference_data":[{"name":"https://github.com/TooTallNate/Java-WebSocket/security/advisories/GHSA-gw55-jm4h-x339","refsource":"CONFIRM","url":"https://github.com/TooTallNate/Java-WebSocket/security/advisories/GHSA-gw55-jm4h-x339"}]},"source":{"advisory":"GHSA-gw55-jm4h-x339","discovery":"UNKNOWN"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T11:21:14.437Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/TooTallNate/Java-WebSocket/security/advisories/GHSA-gw55-jm4h-x339"}]}]},"cveMetadata":{"assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","cveId":"CVE-2020-11050","datePublished":"2020-05-07T20:15:12.000Z","dateReserved":"2020-03-30T00:00:00.000Z","dateUpdated":"2024-08-04T11:21:14.437Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}