Lucene search
K

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/08/31 9:42 p.m.16 views

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - OkHttp 3.x (CVE-2018-20200)

Summary CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application. Vulnerability Details CVEID: CVE-2018-20200 DESCRIPTION: DISPUTED CertificatePinner.java in...

5.9CVSS0.8AI score0.02477EPSS
Exploits1Affected Software1
OSV
OSV
added 2019/04/18 7:29 p.m.10 views

CVE-2018-20200

CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application. NOTE: This id is disputed because some parties don't consider this is a vulnerability. Their rationale...

5.9CVSS5.7AI score
Exploits0References15
OSV
OSV
added 2019/04/18 7:29 p.m.3 views

DEBIAN-CVE-2018-20200

CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application. NOTE: This id is disputed because some parties don't consider this is a vulnerability. Their rationale...

5.9CVSS6.8AI score0.02477EPSS
Exploits1References1
CVE
CVE
added 2019/04/18 6:31 p.m.77 views

CVE-2018-20200

CVE-2018-20200 affects OkHttp 3.x up to 3.12.0: CertificatePinner.java may allow MITM bypass of certificate pinning by changing SSLContext and boolean values during hooking. The vulnerability is explicitly disputed as not a true vulnerability by some parties, per the notes in the description. Con...

5.9CVSS5.5AI score0.02477EPSS
Exploits1References15Affected Software1
Rows per page
Query Builder