Crypto CertificateValidationDisabled
The `ServicePointManager.ServerCertificateValidationCallback` event has been set to always return `true`, which effectively disables the validation of server certificates. This allows for an adversary who is in between the application and the target host to intercept potentially sensitive information or transmit malicious data. Remove the callback function t
greprules fetch gitlab-sast-csharp-crypto-rule-certificatevalidationdisabled --engine opengrepDescription
The `ServicePointManager.ServerCertificateValidationCallback` event has been set to always return `true`, which effectively disables the validation of server certificates. This allows for an adversary who is in between the application and the target host to intercept potentially sensitive information or transmit malicious data. Remove the callback function t
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided
Community feedback
Sign in to report false positives, mark this rule useful, or suggest metadata improvements.