Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Not Yet Commons Ssl Project Subscribe
Filtered by product Not Yet Commons Ssl
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3604 1 Not Yet Commons Ssl Project 1 Not Yet Commons Ssl 2018-01-04 6.8 MEDIUM N/A
Certificates.java in Not Yet Commons SSL before 0.3.15 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.