Описание
An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android, allows attackers to cause unspecified consequences due to being able to decompile a local application and extract their API keys.
Ссылки
- Vendor Advisory
- Broken Link
- Vendor Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:flightradar24:flightradar24_flight_tracker:8.9.0:*:*:*:*:android:*:*
cpe:2.3:a:flightradar24:flightradar24_flight_tracker:8.10.0:*:*:*:*:android:*:*
cpe:2.3:a:flightradar24:flightradar24_flight_tracker:8.10.2:*:*:*:*:android:*:*
cpe:2.3:a:flightradar24:flightradar24_flight_tracker:8.10.3:*:*:*:*:android:*:*
cpe:2.3:a:flightradar24:flightradar24_flight_tracker:8.10.4:*:*:*:*:android:*:*
EPSS
Процентиль: 21%
0.00068
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-922
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android, allows attackers to cause unspecified consequences due to being able to decompile a local application and extract their API keys.
EPSS
Процентиль: 21%
0.00068
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-922