Kotlin : Usage of untrusted proxy

Classification

OWASP Top 10 2021

A4-Insecure Design

PCI DSS 4.0

6.2.4

CWE

CWE-15 CWE-642

Overview

The application uses an untrusted proxy server. An attacker can modify the proxy server address and can intercept the traffic (the man-in-the-middle attack).

References

CWE-15: External Control of System or Configuration Setting
OWASP: Setting Manipulation
Man-in-the-middle attack - Wikipedia

MEDIUM

Kotlin : Usage of untrusted proxy

Classification

Overview

References

DerScanner Severity Score

Do you want to fix Kotlin : Usage of untrusted proxy in your application?

See also

Kotlin : Missing required cryptographic step

Kotlin : Logging into system output

Kotlin : Call of notify() in synchronized block