Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Twitter Kit Security Vulnerabilities

cve
cve

CVE-2017-0911

Twitter Kit for iOS versions 3.0 to 3.2.1 is vulnerable to a callback verification flaw in the "Login with Twitter" component allowing an attacker to provide alternate credentials. In the final step of "Login with Twitter" authentication information is passed back to the application using the regis...

5.4CVSS

5.1AI Score

0.001EPSS

2018-02-09 10:29 PM
27
cve
cve

CVE-2019-16263

The Twitter Kit framework through 3.4.2 for iOS does not properly validate the api.twitter.com SSL certificate. Although the certificate chain must contain one of a set of pinned certificates, there are certain implementation errors such as a lack of hostname verification. NOTE: this is an end-of-l...

7.4CVSS

7.1AI Score

0.002EPSS

2019-10-07 12:15 PM
19
cve
cve

CVE-2019-5431

This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions 3.0 to 3.4.0 is vulnerable to a callback verification flaw in the "Login with Twitter" component allowing an attacker to provide alternate credentials. In the final step of "Login with Twitter" authent...

5.4CVSS

5.1AI Score

0.001EPSS

2019-05-06 05:29 PM
10