Описание
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:apple:music:3.5.0:*:*:*:*:android:*:*
EPSS
Процентиль: 39%
0.00172
Низкий
5.9 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-200
Связанные уязвимости
CVSS3: 5.9
github
почти 3 года назад
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.
EPSS
Процентиль: 39%
0.00172
Низкий
5.9 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-200