10 matches found
EUVD-2019-15529
Malware in sbrugna...
CVE-2019-5961
The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2019-5961
The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2019-5961
The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2019-5961
The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2019-5961
The CVE-2019-5961 entry applies to the Android app “Tootdon for Mastodon” (versions 3.4.1 and earlier). The root cause is failure to verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and access sensitive information via crafted certificates. Documen...
Android App "Tootdon for Mastodon" fails to verify SSL server certificates
Overview Android App "Tootdon for Mastodon" provided by Tsukurito, Inc. fails to verify SSL server certificates CWE-295. Gomasy reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may...
JVN#57806517: Android App "Tootdon for Mastodon" fails to verify SSL server certificates
Android App "Tootdon for Mastodon" provided by Tsukurito, Inc. fails to verify SSL server certificates CWE-295. Impact A man-in-the-middle attack may allow an attacker to obtain and/or alter a content of communication. Solution Update the Application Update to the latest version according to the...
Tootdon for Mastodon Trust Management Issue Vulnerability
Tootdon for Mastodon is a social application for Mastodon. A vulnerability with trust management issues exists in Tootdon for Mastodon 3.4.1 and earlier versions Android. The vulnerability stems from the lack of an effective trust management mechanism in a networked system or product. An attacker...