CVE-2012-5813 in Android Pusher信息

摘要

由 VulDB • 2026-07-11

Android_Pusher 库在 Android 平台上未验证服务器主机名是否与 X.509 证书主题(Subject)的通用名称(CN)或 subjectAltName 字段中的域名匹配,这使得中间人攻击者能够通过任意有效的证书伪造 SSL 服务器。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!