Skip to main content

Capital One Spark

1 CVEs product

Monthly

CVE-2014-5867 MEDIUM This Month

The Capital One Spark Pay (aka com.capitalone.sparkpay) application 0.9.81 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Capital One Spark
NVD
CVSS 2.0
5.4
EPSS
0.1%
EPSS 0% CVSS 5.4
MEDIUM This Month

The Capital One Spark Pay (aka com.capitalone.sparkpay) application 0.9.81 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Capital One Spark
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy