RSS   Vulnerabilities for 'Signal'   RSS

2020-05-20
 
CVE-2020-5753

CWE-200
 

 
Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.

 
2018-08-29
 
CVE-2018-16132

CWE-400
 

 
The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed, resulting in a forced restart of the device.

 
2018-04-10
 
CVE-2018-9840

CWE-noinfo
 

 
The Open Whisper Signal app before 2.23.2 for iOS allows physically proximate attackers to bypass the screen locker feature via certain rapid sequences of actions that include app opening, clicking on cancel, and using the home button.

 

 >>> Vendor: Signal 5 Products
Messenger
Signal
Signal-desktop
Private messenger
Signal private messenger


Copyright 2024, cxsecurity.com

 

Back to Top