← voltar
CVE-2017-7192

CVE-2017-7192

EPSS 1.9%
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable (it can be set to true but cannot be set to false).
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://seclists.org/bugtraq/2017/Apr/66https://github.com/daltoniam/Starscream/commit/dbeb1190b8dcbff4f0b797f9e9d9b9b864d1f0d6https://github.com/daltoniam/Starscream/releases/tag/2.0.4