Improper Validation of Certificate Expiration Affecting org.cloudfoundry.identity:cloudfoundry-identity-server package, versions [3.0.0,3.3.0.3) [3.4,3.4.1)
Snyk CVSS
Attack Complexity
High
Integrity
High
Threat Intelligence
EPSS
0.27% (66th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31070
- published 28 Sep 2016
- disclosed 28 Sep 2016
- credit Hristo Ivanov Dobtchev
Introduced: 28 Sep 2016
CVE-2016-5016 Open this link in a new tabOverview
org.cloudfoundry.identity:cloudfoundry-identity-server
Affected versions of the package do not check for certificate expiration dates by default.