TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
The product does not validate, or incorrectly validates, a certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Node.js | Nodejs | 12.0.0 (including) | 12.18.0 (excluding) |
Node.js | Nodejs | 14.0.0 (including) | 14.4.0 (excluding) |