Security Advisory

CVE-2015-7094

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-12-11 11:00:00

Last updated 2024-08-06 07:36:35

Assigner apple

State PUBLISHED

Description

CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL.

← Browse all CVEs View on cve.org ↗