CVE-2016-7099

CVE-2016-7099

The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

Source: CVE-2016-7099

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다