WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable (it can be set to true but cannot be set to false).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-04-06T14:00:00
Updated: 2024-08-05T15:56:36.123Z
Reserved: 2017-03-20T00:00:00
Link: CVE-2017-7192
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-04-06T14:59:00.363
Modified: 2024-11-21T03:31:21.117
Link: CVE-2017-7192
Redhat
No data.