1 results (0.003 seconds)
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 1
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 1CVE-2016-2402
https://notcve.org/view.php?id=CVE-2016-2402
30 Jan 2017 — OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned certificate. OkHttp antes de 2.7.4 y 3.x antes de 3.1.2 permite que los atacantes man-in-the-middle eludan la fijación de certificados enviando una cadena de certificados con un CA no fijado confiable y el certificado fijado. • https://github.com/ikoz/cert-pinning-flaw-poc • CWE-295: Improper Certificate Validation •