Vulnerabilities > Eclipse > Californium > 2.6.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-10 | CVE-2022-39368 | Incomplete Cleanup vulnerability in Eclipse Californium Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. | 8.2 |
| 2021-08-20 | CVE-2021-34433 | Improper Verification of Cryptographic Signature vulnerability in Eclipse Californium In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 and RPK) DTLS handshakes accidentally succeeds without verifying the server side's signature on the client side, if that signature is not included in the server's ServerKeyExchange. | 5.0 |