In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of setPeerVerifyMode(QSslSocket::VerifyNone), which turns off verification of the server's certificate. A man-in-the-middle attacker could therefore offer a spoofed download resource.
{ "binaries": [ { "binary_name": "shotcut", "binary_version": "20.02.17-2" } ] }
{ "binaries": [ { "binary_name": "shotcut", "binary_version": "22.01.30+ds-1" }, { "binary_name": "shotcut-data", "binary_version": "22.01.30+ds-1" } ] }
{ "binaries": [ { "binary_name": "shotcut", "binary_version": "24.02.29+ds-1build1" }, { "binary_name": "shotcut-data", "binary_version": "24.02.29+ds-1build1" } ] }
{ "binaries": [ { "binary_name": "shotcut", "binary_version": "25.03.13+ds-1ubuntu1" }, { "binary_name": "shotcut-data", "binary_version": "25.03.13+ds-1ubuntu1" } ] }