CVE-2016-2402 in OkHttpinformação

Sumário

de MITRE

OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned certificate.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

17/02/2016

Divulgação

30/01/2017

Moderação

aceite

Entrada

VDB-96298

CPE

pronto

CWE

CWE-295 (confirmado)

CVSS

5.9 (NVD)

EPSS

0.02681

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-2402
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-2402
CVE Details	https://www.cvedetails.com/cve/CVE-2016-2402/

◂ Voltar Visão Geral Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!