Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the local network, DNS, or a proxy can perform a man-in-the-middle (MitM) attack to intercept update requests and replace installer or update packages with malicious files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GOG Galaxy 安全漏洞
Vulnerability Description
GOG Galaxy是波兰GOG公司的一款游戏客户端程序。该程序用于安装、启动和更新游戏。 GOG Galaxy 2.0.0.2版本存在安全漏洞,该漏洞源于缺少SSL证书验证,可能导致中间人攻击,从而拦截更新请求并替换安装包或更新包为恶意文件。
CVSS Information
N/A
Vulnerability Type
N/A