CVE-2017-5887
CVE-2017-5887 affects Starscream’s WebSocket.swift prior to version 2.0.4. The vulnerability is an SSL pinning bypass caused by where pinning is performed: pinning occurs in the stream function, which is later than appropriate; pinning should be established in initStreamsWithData. This misplaceme...