swift-keyedarchiver
swift-keyedarchiver
The application was found to use
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-502: Deserialization of Untrusted Data
OWASP:
- A08:2017 - Insecure Deserialization
- A08:2021 - Software and Data Integrity Failures
NSKeyedArchiver without utilizing requiringSecureCoding, which is not considered secure. This can allow for deserialization vulnerabilities, and the application should always ensure requiringSecureCoding is set to true.Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-502: Deserialization of Untrusted Data
OWASP:
- A08:2017 - Insecure Deserialization
- A08:2021 - Software and Data Integrity Failures