exploitDog

CVE-2021-37786

Опубликовано: 27 сент. 2021

Источник: nvd

CVSS3: 4.6

CVSS2: 2.1

EPSS Низкий

Описание

Certain Federal Office of Information Technology Systems and Telecommunication FOITT products are affected by improper handling of exceptional conditions. This affects COVID Certificate App IOS 2.2.0 and below affected, patch in progress and COVID Certificate Check App IOS 2.2.0 and below affected, patch in progress. A denial of service (physically proximate) could be caused by scanning a crafted QR code.

Ссылки

https://github.com/admin-ch/CovidCertificate-App-iOS/issues/146
Exploit
Issue Tracking
Third Party Advisory
https://github.com/admin-ch/CovidCertificate-App-iOS/issues/146
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bag:covid_certificate:*:*:*:*:*:iphone_os:*:*

Версия до 2.2.0 (включая)

EPSS

Процентиль: 8%

0.0003

Низкий

4.6 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-755

Связанные уязвимости

GHSA-wwmh-65qv-chwq

github

больше 3 лет назад

Certain Federal Office of Information Technology Systems and Telecommunication FOITT products are affected by improper handling of exceptional conditions. This affects COVID Certificate App IOS 2.2.0 and below affected, patch in progress and COVID Certificate Check App IOS 2.2.0 and below affected, patch in progress. A denial of service (physically proximate) could be caused by scanning a crafted QR code.

EPSS

Процентиль: 8%

0.0003

Низкий

4.6 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-755