We are sunsetting Hakiri on January 31 2022. To learn more please refer to this document.

jruby-openssl Severe
SSL Verification Bypass
Discovered 3 months ago
Published about 12 years ago
Category: SSL Verification Bypass
Source: jruby.org
Severity: Severe

A security problem involving peer certificate verification was found where failed verification silently did nothing, making affected applications vulnerable to attackers. Attackers could lead a client application to believe that a secure connection to a rogue SSL server is legitimate. Attackers could also penetrate client-validated SSL server applications with a dummy certificate.

CVSS Metrics
Access Vector Access Complexity Authentication Confidentiality Impact Integrity Impact Availability Impact
n/a n/a n/a n/a n/a n/a
Patched Versions

>= 0.6

Unaffected Versions