1 results (0.002 seconds)
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17187
https://notcve.org/view.php?id=CVE-2018-17187
13 Nov 2018 — The Apache Qpid Proton-J transport includes an optional wrapper layer to perform TLS, enabled by use of the 'transport.ssl(...)' methods. Unless a verification mode was explicitly configured, client and server modes previously defaulted as documented to not verifying a peer certificate, with options to configure this explicitly or select a certificate verification mode with or without hostname verification being performed. The latter hostname verifying mode was not implemented in Apache Qpid Proton-J versio... • http://www.securityfocus.com/bid/105935 • CWE-295: Improper Certificate Validation •