Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks.
[
{
"product": "Pandora iOS App",
"vendor": "Pandora Media, Inc.",
"versions": [
{
"status": "affected",
"version": "Prior to 8.3.2"
}
]
}
]