Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2017-7192
Disclosure Date: April 06, 2017 (last updated November 26, 2024)
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable (it can be set to true but cannot be set to false).
0
Attacker Value
Unknown
CVE-2017-5887
Disclosure Date: April 06, 2017 (last updated November 26, 2024)
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function (this is too late; pinning should occur in the initStreamsWithData function).
0
