CVE-2014-5820
The CVE refers to the OkCupid Dating Android app (package com.okcupid.okcupid) version 3.4.6, where the client does not verify X.509 certificates from SSL servers. This weakens TLS authentication and enables MITM attackers to spoof servers and access sensitive information via a crafted certificat...