Описание
Hybrid Group Gobot Improper Certificate Validation vulnerability
An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default.
Specific Go Packages Affected
github.com/hybridgroup/gobot/platforms/mqtt
Пакеты
Наименование
github.com/hybridgroup/gobot
go
Затронутые версииВерсия исправления
< 1.12.1-0.20190521122906-c1aa4f867846
1.12.1-0.20190521122906-c1aa4f867846
Связанные уязвимости
CVSS3: 7.5
nvd
больше 6 лет назад
An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default.