Lucene search
Faye-websocket Project Security Vulnerabilities
cve
In faye-websocket before version 0.11.0, there is a lack of certification validation in TLS handshakes. The Faye::WebSocket::Client class uses the EM::Connection#start_tls method in EventMachine to implement the TLS handshake whenever a wss: URL is used for the connection. This method does not...
8.7CVSS
8.3AI Score
0.002EPSS
2020-07-31 06:15 PM
51