CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-3988

MEDIUM
4.7
CVSS Severity Score
EPSS Score0.0610%
EPSS Percentile40.61th
Published2018年12月10日
Last Modified2024年11月21日

Vulnerability Description

Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.

Affected Platforms (CPE)

📦
Signal

Private Messenger

= 4.24.8

References & Advisories

🔗 http://www.securityfocus.com/bid/106207
🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656
🔗 http://www.securityfocus.com/bid/106207
🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656

関連する脆弱性情報

CVE-2019-171929.8

The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packet...

CVE-2019-171917.5

The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee ...

CVE-2019-99706.5

Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android ar...

CVE-2020-57535.3

Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phon...