CVE-2014-6838
The CVE-2014-6838 entry concerns the Groupama Toujours la app (com.groupama.toujoursla) for Android version 1.3.0, where X.509 certificate validation for SSL servers is not performed. This insecure cert handling can allow man-in-the-middle attackers to spoof servers and exfiltrate sensitive infor...