Io-socket-ssl » Io-socket-ssl » 1.18 : Security Vulnerabilities, CVEs,
The verify_hostname_of_cert function in the certificate checking feature in IO-Socket-SSL (IO::Socket::SSL) 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the hostname check for a certificate.
Max CVSS
4.3
EPSS Score
0.50%
Published
2009-08-31
Updated
2011-01-20
1 vulnerabilities found