The application was found to use NSKeyedArchiver without utilizing requiringSecureCoding, which is not considered secure. This can allow for deserialization vulnerabilities, and the application should always ensure requiringSecureCoding is set to true. Likelihood: LOW Confidence: HIGH CWE: - CWE-502: Deserialization of Untrusted Data
OWASP: - A08:2017 - Insecure Deserialization
- A08:2021 - Software and Data Integrity Failures