Vulnerabilities for Google i/o 2017 (...) - CXSECURITY.COM

Vulnerabilities for 'Google i/o 2017'

2017-05-18

CVE-2017-9045

CWE-311

The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http://storage.googleapis.com without SSL, which makes it easier for man-in-the-middle attackers to spoof Feed and Schedule data by creating a modified blocks_v4.json file.

>>> Vendor: Google 95 Products

Mini search appliance

Search appliance

Custom search engine

Google sketchup

App engine python sdk

Cr-48 chromebook

Android sdk tools

Google authenticator

Search appliance software

Android debug bridge

Android sdk platform tools

Android browser

Calendar events

Play services sdk

Google i/o 2017

News and weather

Chromecast firmware

Kubernetes engine

Nexus 7 firmware

Nexus 9 firmware

Cloud messaging notification

Nest cam iq indoor firmware

Closure library

Chrome-launcher

Secret manager provider for secret store csi driver

Exposure notifications verification server

Cloud iot device sdk for embedded c

Exposure notification verification server

Google-protobuf

Protobuf-kotlin

Oauth client library for java

Copyright 2024, cxsecurity.com