Faye-websocket Project Faye-websocket — known CVE vulnerabilities
Every CVE whose affected-product data names Faye-websocket Project Faye-websocket, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2020-15133 — CVSS 8.0 (high): In faye-websocket before version 0.11.0, there is a lack of certification validation in TLS handshakes. The `Faye::WebSocket::Client` class…