2 matches found
Serverpod client accepts any certificate
This bug bypassed the validation of TSL certificates on all none web HTTP clients in the serverpodclient package. Making them susceptible to a man in the middle attack against encrypted traffic between the client device and the server. An attacker would need to be able to intercept the traffic an...
PT-2024-23110
Name of the Vulnerable Software and Affected Versions Serverpod versions prior to 1.2.6 Description The issue bypasses the validation of TSL certificates on all non-web HTTP clients in the serverpod client package, making them susceptible to a man-in-the-middle attack against encrypted traffic...