{"uuid": "54624ad0-2dcf-4801-a830-d41e3498949a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-5523", "type": "seen", "source": "https://t.me/cveNotify/506", "content": "\ud83d\udea8 CVE-2020-5523\nAndroid App 'MyPallete' and some of the Android banking applications based on 'MyPallete' do not verify X.509 certificates from servers, and also do not properly validate certificates with host-mismatch, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2020-01-28T12:37:38.000000Z"}