2 matches found
PT-2026-21525
Name of the Vulnerable Software and Affected Versions YMFE yapi version 1.12.0 Description The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in the HTTPS agent configuration for Axios requests. This can lead to man-in-the-middle attacks where a malicio...
CVE-2020-15526
In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...