Описание
operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible.
EPSS
Процентиль: 29%
0.00104
Низкий
3.2 Low
CVSS3
Дефекты
CWE-1025
Связанные уязвимости
CVSS3: 3.2
github
11 месяцев назад
operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible.
EPSS
Процентиль: 29%
0.00104
Низкий
3.2 Low
CVSS3
Дефекты
CWE-1025