CVE-2023-4586 Information

Description

A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS possibly resulting in a man-in-the-middle (MITM) attack.

Reference

https://access.redhat.com/security/cve/CVE-2023-4586 https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-1042268 https://bugzilla.redhat.com/show_bug.cgi?id=2235564