Common Weakness Enumeration

CWE-295

Allowed

Improper Certificate Validation

Abstraction: Base · Status: Draft

The product does not validate, or incorrectly validates, a certificate.

1906 vulnerabilities reference this CWE, most recent first.

GHSA-RCXG-WQW2-89WF

Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2024-02-15 21:31
VLAI
Details

A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22909"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295",
      "CWE-300"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-27T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later.",
  "id": "GHSA-rcxg-wqw2-89wf",
  "modified": "2024-02-15T21:31:25Z",
  "published": "2022-05-24T19:03:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22909"
    },
    {
      "type": "WEB",
      "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-018-018/cfa1566b-4bf8-427b-8cc7-8cffba3a93a4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RF3F-3P37-2QH4

Vulnerability from github – Published: 2022-09-02 00:01 – Updated: 2024-11-26 18:51
VLAI
Summary
python-scciclient vulnerable to Man-in-the-middle (MITM) attacks
Details

A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "python-scciclient"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.12.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-2996"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-16T18:34:47Z",
    "nvd_published_at": "2022-09-01T18:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server\u0027s certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.",
  "id": "GHSA-rf3f-3p37-2qh4",
  "modified": "2024-11-26T18:51:57Z",
  "published": "2022-09-02T00:01:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2996"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openstack-archive/python-scciclient"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/python-scciclient/PYSEC-2022-43152.yaml"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "https://opendev.org/x/python-scciclient/commit/274dca0344b65b4ac113d3271d21c17e970a636c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "python-scciclient vulnerable to Man-in-the-middle (MITM) attacks"
}

GHSA-RFG6-P6Q6-8FRJ

Vulnerability from github – Published: 2024-01-19 21:30 – Updated: 2024-01-19 21:30
VLAI
Details

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code with elevated privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-6043"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-19T20:15:12Z",
    "severity": "HIGH"
  },
  "details": "A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code with elevated privileges.",
  "id": "GHSA-rfg6-p6q6-8frj",
  "modified": "2024-01-19T21:30:36Z",
  "published": "2024-01-19T21:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6043"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-144736"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RFGW-H32J-QPPC

Vulnerability from github – Published: 2022-05-17 02:39 – Updated: 2025-04-20 03:39
VLAI
Details

The "State Bank of Waterloo Mobile Banking" by State Bank of Waterloo app 3.0.2 -- aka state-bank-of-waterloo-mobile-banking/id555321714 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9590"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-16T12:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The \"State Bank of Waterloo Mobile Banking\" by State Bank of Waterloo app 3.0.2 -- aka state-bank-of-waterloo-mobile-banking/id555321714 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.",
  "id": "GHSA-rfgw-h32j-qppc",
  "modified": "2025-04-20T03:39:13Z",
  "published": "2022-05-17T02:39:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9590"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/%40chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RG5M-FC62-H68H

Vulnerability from github – Published: 2024-11-15 18:30 – Updated: 2025-07-31 18:31
VLAI
Details

A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data.  The vulnerability is due to a lack of validation of the SSL server certificate that an affected device receives when it establishes a connection to a Cisco Unified Communications Manager device. An attacker could exploit this vulnerability by using a man-in-the-middle technique to intercept the traffic between the devices, and then using a self-signed certificate to impersonate the endpoint. A successful exploit could allow the attacker to view the intercepted traffic in clear text or alter the contents of the traffic. Note: Cisco Expressway-E is not affected by this vulnerability.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-20814"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-15T16:15:22Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the certificate validation of Cisco\u0026nbsp;Expressway-C and Cisco\u0026nbsp;TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data.\u0026nbsp;\u0026nbsp;The vulnerability is due to a lack of validation of the SSL server certificate that an affected device receives when it establishes a connection to a Cisco\u0026nbsp;Unified Communications Manager device. An attacker could exploit this vulnerability by using a man-in-the-middle technique to intercept the traffic between the devices, and then using a self-signed certificate to impersonate the endpoint. A successful exploit could allow the attacker to view the intercepted traffic in clear text or alter the contents of the traffic.\nNote: Cisco\u0026nbsp;Expressway-E is not affected by this vulnerability.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.",
  "id": "GHSA-rg5m-fc62-h68h",
  "modified": "2025-07-31T18:31:50Z",
  "published": "2024-11-15T18:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20814"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-sqpsSfY6"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bng-Gmg5Gxt"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs4k-tl1-GNnLwC6"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cdp-wnALzvT2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RGHW-6PX2-FGWC

Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2024-02-13 19:27
VLAI
Summary
Improper Certificate Validation in MongoDB
Details

Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in interception of traffic between the Java driver and the KMS service rendering Field Level Encryption ineffective. This issue was discovered during internal testing and affects all versions of the Java driver that support CSFLE. The Java async, Scala, and reactive streams drivers are not impacted. This vulnerability does not impact driver traffic payloads with CSFLE-supported key services originating from applications residing inside the AWS, GCP, and Azure network fabrics due to compensating controls in these environments. This issue does not impact driver workloads that don’t use Field Level Encryption.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.11.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.11.0"
            },
            {
              "fixed": "3.11.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.12.7"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.12.0"
            },
            {
              "fixed": "3.12.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.0.5"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-sync"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.1.1"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-sync"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.1.0"
            },
            {
              "fixed": "4.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-sync"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.0"
            },
            {
              "fixed": "4.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.2.0"
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.11.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongo-java-driver"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.11.0"
            },
            {
              "fixed": "3.11.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.12.7"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongo-java-driver"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.12.0"
            },
            {
              "fixed": "3.12.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.0.5"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.1.1"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.1.0"
            },
            {
              "fixed": "4.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.11.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.11.0"
            },
            {
              "fixed": "3.11.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.12.7"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.12.0"
            },
            {
              "fixed": "3.12.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.12.7"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-sync"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.12.0"
            },
            {
              "fixed": "3.12.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.11.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-sync"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.11.0"
            },
            {
              "fixed": "3.11.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.mongodb:mongodb-driver-legacy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.0"
            },
            {
              "fixed": "4.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.2.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2021-20328"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-22T18:49:12Z",
    "nvd_published_at": "2021-02-25T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server\u2019s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in interception of traffic between the Java driver and the KMS service rendering Field Level Encryption ineffective. This issue was discovered during internal testing and affects all versions of the Java driver that support CSFLE. The Java async, Scala, and reactive streams drivers are not impacted. This vulnerability does not impact driver traffic payloads with CSFLE-supported key services originating from applications residing inside the AWS, GCP, and Azure network fabrics due to compensating controls in these environments. This issue does not impact driver workloads that don\u2019t use Field Level Encryption.",
  "id": "GHSA-rghw-6px2-fgwc",
  "modified": "2024-02-13T19:27:59Z",
  "published": "2022-05-24T22:28:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20328"
    },
    {
      "type": "WEB",
      "url": "https://jira.mongodb.org/browse/JAVA-4017"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Certificate Validation in MongoDB"
}

GHSA-RGMC-Q3R4-JXVV

Vulnerability from github – Published: 2022-05-17 01:57 – Updated: 2022-05-17 01:57
VLAI
Details

When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-11506"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-09T12:29:00Z",
    "severity": "HIGH"
  },
  "details": "When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager\u0027s TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks.",
  "id": "GHSA-rgmc-q3r4-jxvv",
  "modified": "2022-05-17T01:57:47Z",
  "published": "2022-05-17T01:57:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11506"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2017-11"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039141"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RH9J-F5F8-RVGC

Vulnerability from github – Published: 2022-06-17 22:09 – Updated: 2022-06-20 21:20
VLAI
Summary
Authentication bypass vulnerability in Apple Game Center auth adapter
Details

Impact

The certificate in Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object.

Patches

To prevent this, a new rootCertificateUrl property is introduced to the Parse Server Apple Game Center auth adapter which takes the URL to the root certificate of Apple's Game Center authentication certificate. If no value is set, the rootCertificateUrl property defaults to the URL of the current root certificate as of May 27, 2022.

Keep in mind that the root certificate can change at any time (expected to be announced by Apple) and that it is the developer's responsibility to keep the root certificate URL up-to-date when using the Parse Server Apple Game Center auth adapter.

Workarounds

None.

References

  • https://github.com/parse-community/parse-server/security/advisories/GHSA-rh9j-f5f8-rvgc
  • https://developer.apple.com/news/?id=stttq465
  • https://github.com/parse-community/parse-server

More information

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "parse-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.10.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "parse-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-31083"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287",
      "CWE-295"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-17T22:09:09Z",
    "nvd_published_at": "2022-06-17T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nThe certificate in Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object.\n\n### Patches\nTo prevent this, a new `rootCertificateUrl` property is introduced to the Parse Server Apple Game Center auth adapter which takes the URL to the root certificate of Apple\u0027s Game Center authentication certificate. If no value is set, the `rootCertificateUrl` property defaults to the URL of the [current root certificate](https://developer.apple.com/news/?id=stttq465) as of May 27, 2022.\n\nKeep in mind that the root certificate can change at any time (expected to be announced by Apple) and that it is the developer\u0027s responsibility to keep the root certificate URL up-to-date when using the Parse Server Apple Game Center auth adapter.\n\n### Workarounds\nNone.\n\n### References\n- https://github.com/parse-community/parse-server/security/advisories/GHSA-rh9j-f5f8-rvgc\n- https://developer.apple.com/news/?id=stttq465\n- https://github.com/parse-community/parse-server\n\n### More information\n* For questions or comments about this vulnerability visit our [community forum](http://community.parseplatform.org) or [community chat](http://chat.parseplatform.org)\n* Report other vulnerabilities at [report.parseplatform.org](https://report.parseplatform.org)\n\n",
  "id": "GHSA-rh9j-f5f8-rvgc",
  "modified": "2022-06-20T21:20:53Z",
  "published": "2022-06-17T22:09:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/parse-community/parse-server/security/advisories/GHSA-rh9j-f5f8-rvgc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31083"
    },
    {
      "type": "WEB",
      "url": "https://github.com/parse-community/parse-server/pull/8054"
    },
    {
      "type": "WEB",
      "url": "https://github.com/parse-community/parse-server/pull/8054/commits/0cc299f82e367518f2fe7a53b99f3f801a338cf4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/parse-community/parse-server/pull/8054/commits/2084b7c569697a5230e42511799eeac9219db5a9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/parse-community/parse-server/commit/ba2b0a9cb9a568817a114b132a4c2e0911d76df1"
    },
    {
      "type": "WEB",
      "url": "https://developer.apple.com/news/?id=stttq465"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/parse-community/parse-server"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Authentication bypass vulnerability in Apple Game Center auth adapter "
}

GHSA-RHC4-GHFC-MWXG

Vulnerability from github – Published: 2022-05-17 02:40 – Updated: 2025-04-20 03:39
VLAI
Details

The "Oculina Mobile Banking" by Oculina Bank app 3.0.0 -- aka oculina-mobile-banking/id867025690 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9593"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-16T12:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The \"Oculina Mobile Banking\" by Oculina Bank app 3.0.0 -- aka oculina-mobile-banking/id867025690 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.",
  "id": "GHSA-rhc4-ghfc-mwxg",
  "modified": "2025-04-20T03:39:13Z",
  "published": "2022-05-17T02:40:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9593"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/%40chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RHMQ-Q9GR-P7X8

Vulnerability from github – Published: 2022-05-14 03:33 – Updated: 2022-05-14 03:33
VLAI
Details

An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-6219"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-15T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data.",
  "id": "GHSA-rhmq-q9gr-p7x8",
  "modified": "2022-05-14T03:33:40Z",
  "published": "2022-05-14T03:33:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6219"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/1119349"
    },
    {
      "type": "WEB",
      "url": "https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/44166"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

Mitigation
Implementation

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.

CAPEC-459: Creating a Rogue Certification Authority Certificate

An adversary exploits a weakness resulting from using a hashing algorithm with weak collision resistance to generate certificate signing requests (CSR) that contain collision blocks in their "to be signed" parts. The adversary submits one CSR to be signed by a trusted certificate authority then uses the signed blob to make a second certificate appear signed by said certificate authority. Due to the hash collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the adversary's second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority.

CAPEC-475: Signature Spoofing by Improper Validation

An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.