Vulnerabilities > Candy Blast Project

DATE CVE VULNERABILITY TITLE RISK
2014-09-10 CVE-2014-5858 Cryptographic Issues vulnerability in Candy Blast Project Candy Blast 1.1.001
The Candy Blast (aka com.appgame7.candyblast) application 1.1.001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
5.4