exploitDog

GHSA-xmvf-wm3q-gh2f

Опубликовано: 17 июн. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

Improper verification of cryptographic signature issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. The affected app cannot detect event data with invalid signatures.

Improper verification of cryptographic signature issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. The affected app cannot detect event data with invalid signatures.

Ссылки

EPSS

Процентиль: 19%

0.00062

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-347

Связанные уязвимости

CVE-2024-36277

CVSS3: 5.3

nvd

больше 1 года назад

Improper verification of cryptographic signature issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. The affected app cannot detect event data with invalid signatures.

EPSS

Процентиль: 19%

0.00062

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-347