Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling.
AnalysisAI
LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling. Affected products include: Linecorp Line.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
An issue in Tamaki_hamanoki Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel acce
An issue in studio kent mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of
An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of
An issue in sanTas mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the
An issue in DARTS SHOP MAXIM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leaka
nagayama_copabowl Line 13.6.1 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. Rated high se
An issue in tire-sales Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. R
An issue in rmc R Beauty CLINIC Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET r
An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET reque
An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.
An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain sensitive information via craf
An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. Rated high severity (CVSS 7.0). Public
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today