Filtered by vendor Starscream Project
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-5887 | 1 Starscream Project | 1 Starscream | 2017-04-25 | 5.0 MEDIUM | 7.5 HIGH |
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function (this is too late; pinning should occur in the initStreamsWithData function). | |||||
CVE-2017-7192 | 1 Starscream Project | 1 Starscream | 2017-04-24 | 5.0 MEDIUM | 7.5 HIGH |
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable (it can be set to true but cannot be set to false). |