Vulnerabilities > Afnetworking Project

DATE	CVE	VULNERABILITY TITLE	RISK
2015-10-27	CVE-2015-3996	7PK - Security Features vulnerability in Afnetworking Project Afnetworking 2.5.2 The default AFSecurityPolicy.validatesDomainName configuration for AFSSLPinningModeNone in the AFNetworking framework before 2.5.3, as used in the ownCloud iOS Library, disables verification of a server hostname against the domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. network afnetworking-project CWE-254	4.3

Vulnerabilities > Afnetworking Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Afnetworking Project"}]}