In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HJava Websocket Project Java Websocket
APPJava-Websocket Project≤ 1.4.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.