CodeAnt AI home page

Dashboard
Dashboard

ATS insecure media loads

ATS-insecure-media-loads

The application’s App Transport Security (ATS) configuration allows for insecure accessing of media content over HTTP connections. This means that images, video, and other media (AVFoundation) data may be accessed via HTTP, potentially leaking that data to others on the local network, or to other network devices the network traffic traverses (proxies, firewalls, load balancers, etc).
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures

Assistant

Responses are generated using AI and may contain mistakes.

twitter linkedin

Powered by Mintlify

Demo Call with CEO

Get Started

CodeAnt AI
Setup
Control Center
Pull Request Review
IDE
Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database

ATS insecure media loads

ATS-insecure-media-loads

The application’s App Transport Security (ATS) configuration allows for insecure accessing of media content over HTTP connections. This means that images, video, and other media (AVFoundation) data may be accessed via HTTP, potentially leaking that data to others on the local network, or to other network devices the network traffic traverses (proxies, firewalls, load balancers, etc).
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures

Assistant

Responses are generated using AI and may contain mistakes.

twitter linkedin

Powered by Mintlify