RubySec

Providing security resources for the Ruby community

CVE-2009-4123 (jruby-openssl): jruby-openssl Gem for JRuby fails to do proper certificate validation

GEM

jruby-openssl

PLATFORM

JRuby

SEVERITY

CVSS v3.x: 7.5 (High)

PATCHED VERSIONS

  • >= 0.6

DESCRIPTION

A security problem involving peer certificate verification was found: when verification failed, the library silently did nothing, so affected applications treated unverified peers as verified. Attackers could lead a client application to believe that a secure connection to a rogue SSL server is legitimate. Attackers could also get past SSL server applications that validate client certificates by presenting a dummy certificate.
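The defect class above, a verification failure that is swallowed instead of aborting the connection, can be demonstrated with the verify-callback API that CRuby's `openssl` standard library exposes and that jruby-openssl mirrors. The following is an added example, not jruby-openssl's own code and not part of the advisory: it builds a throwaway CA, a leaf certificate issued by that CA, and a self-signed "dummy" certificate for the same name entirely in memory (all constructed test data), then checks each against an `OpenSSL::X509::Store` twice, once with a fail-closed callback that returns the library's verdict and once with a callback that ignores the verdict and returns `true`. The second pattern accepts the dummy certificate, which is exactly what the advisory warns about. `make_cert`, `verify_with_callback`, `STRICT_CALLBACK` and `SILENT_CALLBACK` are names chosen here.

```ruby
require "openssl"

# Build an X.509 certificate in memory (constructed test data, not from the
# advisory). When issuer_cert is nil the certificate is self-signed.
def make_cert(subject, serial, key, issuer_cert: nil, issuer_key: nil, ca: false)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.parse(subject)
  cert.issuer = issuer_cert ? issuer_cert.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 3600
  cert.not_after = Time.now + 3600

  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = issuer_cert || cert
  if ca
    cert.add_extension(ef.create_extension("basicConstraints", "CA:TRUE", true))
    cert.add_extension(ef.create_extension("keyUsage", "keyCertSign, cRLSign", true))
  else
    cert.add_extension(ef.create_extension("basicConstraints", "CA:FALSE", true))
  end

  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  cert
end

# Throwaway trust anchor, a leaf it issued, and a self-signed "dummy" cert
# that claims the same server name but chains to nothing we trust.
CA_KEY    = OpenSSL::PKey::RSA.new(2048)
CA_CERT   = make_cert("/CN=Constructed Test CA", 1, CA_KEY, ca: true)
LEAF_KEY  = OpenSSL::PKey::RSA.new(2048)
LEAF_CERT = make_cert("/CN=server.example.test", 2, LEAF_KEY,
                      issuer_cert: CA_CERT, issuer_key: CA_KEY)
ROGUE_KEY  = OpenSSL::PKey::RSA.new(2048)
ROGUE_CERT = make_cert("/CN=server.example.test", 3, ROGUE_KEY)

# Fail closed: hand the library's own verdict back unchanged, so any error
# found while walking the chain aborts verification.
STRICT_CALLBACK = lambda { |preverify_ok, _store_ctx| preverify_ok }

# The defect class from the advisory: the verdict is discarded and every
# chain is reported as valid. Shown only to make the difference observable.
SILENT_CALLBACK = lambda { |_preverify_ok, _store_ctx| true }

# Verify +cert+ against a store that trusts only +trusted_ca+, routing each
# chain step through +callback+. Returns [ok, error_string_or_nil].
def verify_with_callback(cert, trusted_ca, callback)
  store = OpenSSL::X509::Store.new
  store.add_cert(trusted_ca)
  store.verify_callback = callback
  ok = store.verify(cert)
  [ok, ok ? nil : store.error_string]
end

if $PROGRAM_NAME == __FILE__
  [["leaf issued by our CA", LEAF_CERT], ["self-signed dummy", ROGUE_CERT]].each do |label, cert|
    strict, err = verify_with_callback(cert, CA_CERT, STRICT_CALLBACK)
    silent, _   = verify_with_callback(cert, CA_CERT, SILENT_CALLBACK)
    puts "#{label}: strict=#{strict}#{err ? " (#{err})" : ""} silent=#{silent}"
  end
end
```

The same rule applies to an `OpenSSL::SSL::SSLContext`: set `verify_mode` to `OpenSSL::SSL::VERIFY_PEER` (plus `VERIFY_FAIL_IF_NO_PEER_CERT` on a server that authenticates clients) and, if a `verify_callback` is installed at all, have it return `preverify_ok` rather than a constant, so a rejected chain surfaces as an `OpenSSL::SSL::SSLError` during the handshake instead of being ignored.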