Skip to main content
CVE-2024-6295 LOW Monitor

udn News Android APP stores the unencrypted user session in the local database when user log into the application. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google
NVD
CVSS 3.1
3.9
EPSS
0.2%
CVE-2024-6294 LOW Monitor

udn News Android APP stores the user session in logcat file when user log into the APP. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google
NVD
CVSS 3.1
3.9
EPSS
0.2%
CVE-2024-6299 LOW Monitor

Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Conduit
NVD
CVSS 3.1
3.7
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy