VYPR

Spark Pay

by Capital One

CVEs (1)

  • CVE-2014-5867Sep 11, 2014
    Sparkpay
    Capital One Spark
    risk 0.00cvss epss 0.00

    The Capital One Spark Pay (aka com.capitalone.sparkpay) application 0.9.81 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.