exploitDog

GHSA-26r9-9qgm-57v8

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.9

Описание

The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain modules associated with PDF and Microsoft Office files (related to libpicsel), which allows MITM attacks.

The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain modules associated with PDF and Microsoft Office files (related to libpicsel), which allows MITM attacks.

Ссылки

EPSS

Процентиль: 37%

0.00156

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-319

Связанные уязвимости

CVE-2019-10251

CVSS3: 5.9

nvd

почти 7 лет назад

The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain modules associated with PDF and Microsoft Office files (related to libpicsel), which allows MITM attacks.

EPSS

Процентиль: 37%

0.00156

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-319