search

qos-ch / reload4j

reload4j is a drop-in replacement for log4j 1.2.17
Apache License 2.0
149 stars 22 forks source link

CVE-2020-9488 - SMTPS connection to be intercepted by a man-in-the-middle attack #25

Closed ceki closed 2 years ago

ceki commented 2 years ago

https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html and " mail.smtp.ssl.checkserveridentity"

ceki commented 2 years ago

Fixed in 90bc7826c206c