Количество 3
Количество 3
CVE-2015-6997
The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate.
GHSA-6522-r5wp-vr5j
The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate.
BDU:2015-11819
Уязвимость операционной системы iOS, позволяющая нарушителю проводить атаки типа "человек посередине"
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-6997 The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate. | CVSS2: 4.3 | 0% Низкий | больше 10 лет назад |
| GHSA-6522-r5wp-vr5j The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate. | 0% Низкий | больше 3 лет назад | |
 | BDU:2015-11819 Уязвимость операционной системы iOS, позволяющая нарушителю проводить атаки типа "человек посередине" | CVSS2: 4.3 | 0% Низкий | больше 10 лет назад |
Уязвимостей на страницу