CVE-2018-20200 (okhttp)

CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application.
Source: NIST
CVE-2018-20200 (okhttp)

Leave a Reply

Your email address will not be published.