exploitDog

GHSA-9cmh-266p-f4xf

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate.

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate.

Ссылки

EPSS

Процентиль: 30%

0.00109

Низкий

CVE ID

Дефекты

CWE-295

Связанные уязвимости

CVE-2021-20833

CVSS3: 7.4

nvd

больше 4 лет назад

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate.

EPSS

Процентиль: 30%

0.00109

Низкий

CVE ID

Дефекты

CWE-295