Описание
Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.
Ссылки
- Broken LinkThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:signal:private_messenger:4.24.8:*:*:*:*:android:*:*
EPSS
Процентиль: 32%
0.00119
Низкий
3.3 Low
CVSS3
4.7 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 4.7
github
больше 3 лет назад
Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.
EPSS
Процентиль: 32%
0.00119
Низкий
3.3 Low
CVSS3
4.7 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
CWE-200