Skip to main content

Faye Websocket

1 CVEs product

Monthly

CVE-2020-15133 Ruby HIGH POC PATCH This Week

In faye-websocket before version 0.11.0, there is a lack of certification validation in TLS handshakes. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Faye Websocket
NVD GitHub
CVSS 3.1
8.7
EPSS
0.9%
EPSS 1% CVSS 8.7
HIGH POC PATCH This Week

In faye-websocket before version 0.11.0, there is a lack of certification validation in TLS handshakes. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Faye Websocket
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy