blockchain icon indicating copy to clipboard operation
blockchain copied to clipboard
verified publisher icon dvf

Improper Certificate Validation

Open larrycameron80 opened this issue 6 years ago • 0 comments

Improper Certificate Validation Vulnerable module: urllib3 Introduced through: [email protected] Detailed paths Introduced through: dvf/blockchain@dvf/blockchain#1369cac2094d36e694da1209d7d4f923264f7f50 › [email protected][email protected] Overview urllib3 is an HTTP library with thread-safe connection pooling, file post, and more.

Affected versions of this package are vulnerable to Improper Certificate Validation. It mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates. This can result in SSL connections succeeding in situations where it should have failed.

Improper Certificate Validation vulnerability report

larrycameron80 avatar Sep 17 '19 02:09 larrycameron80