Skip to main content

Phonegap

5 CVEs product

Monthly

CVE-2014-1884 HIGH POC This Week

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Adobe Apache Microsoft Cordova +1
NVD
CVSS 2.0
7.5
EPSS
2.0%
CVE-2014-1883 HIGH POC PATCH This Week

Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Adobe Google Phonegap
NVD GitHub
CVSS 2.0
7.5
EPSS
1.3%
CVE-2014-1882 HIGH This Week

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Apache Phonegap Cordova
NVD
CVSS 2.0
7.5
EPSS
7.7%
CVE-2014-1881 HIGH POC PATCH This Week

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Adobe Apache Cordova Phonegap
NVD
CVSS 2.0
7.5
EPSS
1.9%
CVE-2012-6637 HIGH POC PATCH This Week

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Adobe Apache Authentication Bypass Cordova Phonegap
NVD
CVSS 2.0
7.5
EPSS
1.3%
EPSS 2% CVSS 7.5
HIGH POC This Week

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Adobe Apache +3
NVD
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Adobe Google +1
NVD GitHub
EPSS 8% CVSS 7.5
HIGH This Week

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Apache +2
NVD
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Adobe Apache +2
NVD
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Adobe Apache Authentication Bypass +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy