CVE-2017-5906
The CVE-2017-5906 issue affects Everyday Health’s iOS app “Diabetes in Check: Blood Glucose & Carb Tracker” (version 3.4.2). The root cause is failure to validate X.509 certificates from SSL servers, enabling man-in-the-middle attacks to spoof servers and access sensitive information. Connected C...