CodeAnt AI home page

Dashboard
Dashboard

ATS insecure webview loads

ATS-insecure-webview-loads

The application’s App Transport Security (ATS) configuration allows for insecure accessing of HTTP content in WebViews. This means that connections accessed in a WebView may be accessed via HTTP, potentially leaking that data to others on the local network, or to other network devices the network traffic traverses (proxies, firewalls, load balancers, etc).
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures

Assistant

Responses are generated using AI and may contain mistakes.

twitter linkedin

Powered by Mintlify

Demo Call with CEO

Get Started

CodeAnt AI
Setup
Control Center
Pull Request Review
IDE
Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database

ATS insecure webview loads

ATS-insecure-webview-loads

The application’s App Transport Security (ATS) configuration allows for insecure accessing of HTTP content in WebViews. This means that connections accessed in a WebView may be accessed via HTTP, potentially leaking that data to others on the local network, or to other network devices the network traffic traverses (proxies, firewalls, load balancers, etc).
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures

Assistant

Responses are generated using AI and may contain mistakes.

twitter linkedin

Powered by Mintlify