exploitDog

GHSA-j5f5-hvrp-6jx3

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The AireTalk: Text, Call, & More! (aka com.pingshow.amper) application 2.0.73 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

The AireTalk: Text, Call, & More! (aka com.pingshow.amper) application 2.0.73 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Ссылки

EPSS

Процентиль: 33%

0.00134

Низкий

CVE ID

Связанные уязвимости

CVE-2014-5894

nvd

больше 11 лет назад

The AireTalk: Text, Call, & More! (aka com.pingshow.amper) application 2.0.73 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

EPSS

Процентиль: 33%

0.00134

Низкий

CVE ID