MEDIUM🇬🇧 English

CVE-2018-3988

CVSS 4.7v3.1pub. 2018-12-10upd. 2024-11-21

Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Signal Private Messenger

    APP
    Signal
    4.24.8
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-17192CRITICAL9.8ten sam produkt

The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videocon...

CVE-2019-17191HIGH7.5ten sam produkt

The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answe...

CVE-2020-5753MEDIUM5.3ten sam produkt

Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a ...

CVE-2019-9970MEDIUM6.5ten sam produkt

Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4...

CVE-2023-24068HIGH7.8ten sam vendor

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments...

CVE-2018-3988 — MEDIUM 4.7 | CVEbaza.pl