Vulnerabilites related to apache - cordova
CVE-2014-1881 (GCVE-0-2014-1881)
Vulnerability from cvelistv5
Published
2014-03-03 02:00
Modified
2024-08-06 09:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler return value as an alternative to correct synchronization.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler return value as an alternative to correct synchronization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-03T01:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler return value as an alternative to correct synchronization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"name": "http://www.internetsociety.org/ndss2014/programme#session3",
"refsource": "MISC",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"name": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1881",
"datePublished": "2014-03-03T02:00:00",
"dateReserved": "2014-02-07T00:00:00",
"dateUpdated": "2024-08-06T09:58:15.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11990 (GCVE-0-2020-11990)
Vulnerability from cvelistv5
Published
2020-12-01 16:46
Modified
2024-08-04 11:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Exposure of Sensitive Information
Summary
We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Apache Cordova ( cordova-plugin-camera ) |
Version: cordova-plugin-camera@4.1.0 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:57.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html"
},
{
"name": "JVN#59779918",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN59779918/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Cordova ( cordova-plugin-camera )",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "cordova-plugin-camera@4.1.0 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Exposure of Sensitive Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-07T04:06:05",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html"
},
{
"name": "JVN#59779918",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN59779918/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-11990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Cordova ( cordova-plugin-camera )",
"version": {
"version_data": [
{
"version_value": "cordova-plugin-camera@4.1.0 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html",
"refsource": "MISC",
"url": "https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html"
},
{
"name": "JVN#59779918",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN59779918/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2020-11990",
"datePublished": "2020-12-01T16:46:08",
"dateReserved": "2020-04-21T00:00:00",
"dateUpdated": "2024-08-04T11:48:57.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6799 (GCVE-0-2016-6799)
Vulnerability from cvelistv5
Published
2017-05-09 15:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods (Log.v(), Log.d(), Log.i(), Log.w(), and Log.e()) are stored in a series of circular buffers on the device. By default, a maximum of four 16 KB rotated logs are kept in addition to the current log. The logged data can be read using Logcat on the device. When using platforms prior to Android 4.1 (Jelly Bean), the log data is not sandboxed per application; any application installed on the device has the capability to read data logged by other applications.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Cordova Android |
Version: 5.2.2 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:37.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98365",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98365"
},
{
"name": "[dev] 20170509 CVE-2016-6799: Internal system information leak",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/1f3e7b0319d64b455f73616f572acee36fbca31f87f5b2e509c45b69%40%3Cdev.cordova.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Cordova Android",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "5.2.2 and earlier"
}
]
}
],
"datePublic": "2017-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods (Log.v(), Log.d(), Log.i(), Log.w(), and Log.e()) are stored in a series of circular buffers on the device. By default, a maximum of four 16 KB rotated logs are kept in addition to the current log. The logged data can be read using Logcat on the device. When using platforms prior to Android 4.1 (Jelly Bean), the log data is not sandboxed per application; any application installed on the device has the capability to read data logged by other applications."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-11T09:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "98365",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98365"
},
{
"name": "[dev] 20170509 CVE-2016-6799: Internal system information leak",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/1f3e7b0319d64b455f73616f572acee36fbca31f87f5b2e509c45b69%40%3Cdev.cordova.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2016-6799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Cordova Android",
"version": {
"version_data": [
{
"version_value": "5.2.2 and earlier"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods (Log.v(), Log.d(), Log.i(), Log.w(), and Log.e()) are stored in a series of circular buffers on the device. By default, a maximum of four 16 KB rotated logs are kept in addition to the current log. The logged data can be read using Logcat on the device. When using platforms prior to Android 4.1 (Jelly Bean), the log data is not sandboxed per application; any application installed on the device has the capability to read data logged by other applications."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98365",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98365"
},
{
"name": "[dev] 20170509 CVE-2016-6799: Internal system information leak",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/1f3e7b0319d64b455f73616f572acee36fbca31f87f5b2e509c45b69@%3Cdev.cordova.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2016-6799",
"datePublished": "2017-05-09T15:00:00",
"dateReserved": "2016-08-12T00:00:00",
"dateUpdated": "2024-08-06T01:43:37.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3500 (GCVE-0-2014-3500)
Vulnerability from cvelistv5
Published
2014-11-15 21:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:06.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"name": "69038",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69038"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-15T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"name": "69038",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69038"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cordova.apache.org/announcements/2014/08/04/android-351.html",
"refsource": "CONFIRM",
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"name": "69038",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69038"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3500",
"datePublished": "2014-11-15T21:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:43:06.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0073 (GCVE-0-2014-0073)
Vulnerability from cvelistv5
Published
2017-10-30 19:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote attackers to execute arbitrary JavaScript in the host page and consequently gain privileges via a crafted gap-iab: URI.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:05:37.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/531334/100/0/threaded"
},
{
"name": "65959",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65959"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://d3adend.org/blog/?p=403"
},
{
"name": "[cordova-dev] 20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXLGJag5Q9ATUCbFtkWvMWX9XnC80kKp-HKi25gPcvV4gw%40mail.gmail.com%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/apache/cordova-plugin-inappbrowser/commit/26702cb0720c5c394b407c23570136c53171fa55"
},
{
"name": "apache-cordova-cve20140073-priv-esc(91560)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91560"
},
{
"name": "20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/30"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote attackers to execute arbitrary JavaScript in the host page and consequently gain privileges via a crafted gap-iab: URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/531334/100/0/threaded"
},
{
"name": "65959",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65959"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://d3adend.org/blog/?p=403"
},
{
"name": "[cordova-dev] 20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXLGJag5Q9ATUCbFtkWvMWX9XnC80kKp-HKi25gPcvV4gw%40mail.gmail.com%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/apache/cordova-plugin-inappbrowser/commit/26702cb0720c5c394b407c23570136c53171fa55"
},
{
"name": "apache-cordova-cve20140073-priv-esc(91560)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91560"
},
{
"name": "20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/30"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0073",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote attackers to execute arbitrary JavaScript in the host page and consequently gain privileges via a crafted gap-iab: URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531334/100/0/threaded"
},
{
"name": "65959",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65959"
},
{
"name": "http://d3adend.org/blog/?p=403",
"refsource": "MISC",
"url": "http://d3adend.org/blog/?p=403"
},
{
"name": "[cordova-dev] 20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation",
"refsource": "MLIST",
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXLGJag5Q9ATUCbFtkWvMWX9XnC80kKp-HKi25gPcvV4gw@mail.gmail.com%3E"
},
{
"name": "https://github.com/apache/cordova-plugin-inappbrowser/commit/26702cb0720c5c394b407c23570136c53171fa55",
"refsource": "CONFIRM",
"url": "https://github.com/apache/cordova-plugin-inappbrowser/commit/26702cb0720c5c394b407c23570136c53171fa55"
},
{
"name": "apache-cordova-cve20140073-priv-esc(91560)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91560"
},
{
"name": "20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Mar/30"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0073",
"datePublished": "2017-10-30T19:00:00",
"dateReserved": "2013-12-03T00:00:00",
"dateUpdated": "2024-08-06T09:05:37.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8320 (GCVE-0-2015-8320)
Vulnerability from cvelistv5
Published
2015-11-23 11:00
Modified
2024-08-06 08:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:32.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "77679",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77679"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html"
},
{
"name": "20151120 Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536945/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "77679",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77679"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html"
},
{
"name": "20151120 Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536945/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-8320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "77679",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77679"
},
{
"name": "https://cordova.apache.org/announcements/2015/11/20/security.html",
"refsource": "CONFIRM",
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
},
{
"name": "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html"
},
{
"name": "20151120 Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536945/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-8320",
"datePublished": "2015-11-23T11:00:00",
"dateReserved": "2015-11-22T00:00:00",
"dateUpdated": "2024-08-06T08:13:32.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3501 (GCVE-0-2014-3501)
Vulnerability from cvelistv5
Published
2014-11-15 21:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:06.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "69041",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69041"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-15T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "69041",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69041"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "69041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69041"
},
{
"name": "http://cordova.apache.org/announcements/2014/08/04/android-351.html",
"refsource": "CONFIRM",
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3501",
"datePublished": "2014-11-15T21:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:43:06.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1835 (GCVE-0-2015-1835)
Vulnerability from cvelistv5
Published
2017-10-27 19:00
Modified
2024-08-06 04:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "74866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74866"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cordova.apache.org/announcements/2015/05/26/android-402.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-27T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "74866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74866"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cordova.apache.org/announcements/2015/05/26/android-402.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1835",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "74866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74866"
},
{
"name": "http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/",
"refsource": "MISC",
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/"
},
{
"name": "https://cordova.apache.org/announcements/2015/05/26/android-402.html",
"refsource": "CONFIRM",
"url": "https://cordova.apache.org/announcements/2015/05/26/android-402.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-1835",
"datePublished": "2017-10-27T19:00:00",
"dateReserved": "2015-02-17T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21315 (GCVE-0-2021-21315)
Vulnerability from cvelistv5
Published
2021-02-16 17:00
Modified
2025-07-30 01:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| sebhildebrandt | systeminformation |
Version: < 5.3.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:09:15.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.npmjs.com/package/systeminformation"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525"
},
{
"name": "[cordova-issues] 20210224 [GitHub] [cordova-cli] iva2k opened a new issue #549: update systeminformation package to \u003e=5.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05%40%3Cissues.cordova.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210312-0007/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-21315",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T19:38:40.650192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-01-18",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21315"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:38:19.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-01-18T00:00:00+00:00",
"value": "CVE-2021-21315 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "systeminformation",
"vendor": "sebhildebrandt",
"versions": [
{
"status": "affected",
"version": "\u003c 5.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The System Information Library for Node.JS (npm package \"systeminformation\") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-12T12:06:35.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.npmjs.com/package/systeminformation"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525"
},
{
"name": "[cordova-issues] 20210224 [GitHub] [cordova-cli] iva2k opened a new issue #549: update systeminformation package to \u003e=5.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05%40%3Cissues.cordova.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210312-0007/"
}
],
"source": {
"advisory": "GHSA-2m8v-572m-ff2v",
"discovery": "UNKNOWN"
},
"title": "Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-21315",
"STATE": "PUBLIC",
"TITLE": "Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "systeminformation",
"version": {
"version_data": [
{
"version_value": "\u003c 5.3.1"
}
]
}
}
]
},
"vendor_name": "sebhildebrandt"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The System Information Library for Node.JS (npm package \"systeminformation\") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.npmjs.com/package/systeminformation",
"refsource": "MISC",
"url": "https://www.npmjs.com/package/systeminformation"
},
{
"name": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v",
"refsource": "CONFIRM",
"url": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v"
},
{
"name": "https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525",
"refsource": "MISC",
"url": "https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525"
},
{
"name": "[cordova-issues] 20210224 [GitHub] [cordova-cli] iva2k opened a new issue #549: update systeminformation package to \u003e=5.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05@%3Cissues.cordova.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210312-0007/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210312-0007/"
}
]
},
"source": {
"advisory": "GHSA-2m8v-572m-ff2v",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-21315",
"datePublished": "2021-02-16T17:00:18.000Z",
"dateReserved": "2020-12-22T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:38:19.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0219 (GCVE-0-2019-0219)
Vulnerability from cvelistv5
Published
2020-01-14 14:18
Modified
2024-08-04 17:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application's webview using a specially crafted gap-iab: URI.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:15.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20191127 CVE-2019-0219: Apache Cordova InAppBrowser Privilege Escalation (Android)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/11/28/1"
},
{
"name": "[cordova-dev] 20191128 CVE-2019-0219: Apache Cordova InAppBrowser Privilege Escalation (Android)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/197482d5ab80c0bff4a5ec16e1b0466df38389d9a4b5331d777f14fc%40%3Cdev.cordova.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/4vtg0trdrh5203dktt4f3vkd5z2d5ndj"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cordova",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "Cordova Android applications using the InAppBrowser plugin ( cordova-plugin-inappbrowser version 3.0.0 and below )"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application\u0027s webview using a specially crafted gap-iab: URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-22T17:58:44",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[oss-security] 20191127 CVE-2019-0219: Apache Cordova InAppBrowser Privilege Escalation (Android)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/11/28/1"
},
{
"name": "[cordova-dev] 20191128 CVE-2019-0219: Apache Cordova InAppBrowser Privilege Escalation (Android)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/197482d5ab80c0bff4a5ec16e1b0466df38389d9a4b5331d777f14fc%40%3Cdev.cordova.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/4vtg0trdrh5203dktt4f3vkd5z2d5ndj"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-0219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cordova",
"version": {
"version_data": [
{
"version_value": "Cordova Android applications using the InAppBrowser plugin ( cordova-plugin-inappbrowser version 3.0.0 and below )"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application\u0027s webview using a specially crafted gap-iab: URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20191127 CVE-2019-0219: Apache Cordova InAppBrowser Privilege Escalation (Android)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/11/28/1"
},
{
"name": "[cordova-dev] 20191128 CVE-2019-0219: Apache Cordova InAppBrowser Privilege Escalation (Android)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/197482d5ab80c0bff4a5ec16e1b0466df38389d9a4b5331d777f14fc%40%3Cdev.cordova.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://lists.apache.org/thread/4vtg0trdrh5203dktt4f3vkd5z2d5ndj",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/4vtg0trdrh5203dktt4f3vkd5z2d5ndj"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-0219",
"datePublished": "2020-01-14T14:18:22",
"dateReserved": "2018-11-14T00:00:00",
"dateUpdated": "2024-08-04T17:44:15.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1884 (GCVE-0-2014-1884)
Vulnerability from cvelistv5
Published
2014-03-03 02:00
Modified
2024-08-06 09:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:14.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-03T01:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"name": "http://www.internetsociety.org/ndss2014/programme#session3",
"refsource": "MISC",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"name": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1884",
"datePublished": "2014-03-03T02:00:00",
"dateReserved": "2014-02-07T00:00:00",
"dateUpdated": "2024-08-06T09:58:14.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3160 (GCVE-0-2017-3160)
Vulnerability from cvelistv5
Published
2018-02-01 21:00
Modified
2024-09-16 19:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Man-in-the-Middle vulnerability
Summary
After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not safe. The severity of this issue is high due to the fact that the build scripts immediately start a build after Gradle has been fetched. Developers who are concerned about this issue should install version 6.1.2 or higher of Cordova-Android. If developers are unable to install the latest version, this vulnerability can easily be mitigated by setting the CORDOVA_ANDROID_GRADLE_DISTRIBUTION_URL environment variable to https://services.gradle.org/distributions/gradle-2.14.1-all.zip
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Cordova Android |
Version: Apache Cordova 6.1.0 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cordova.apache.org/announcements/2017/01/27/android-612.html"
},
{
"name": "95838",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95838"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Cordova Android",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache Cordova 6.1.0 and below"
}
]
}
],
"datePublic": "2017-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not safe. The severity of this issue is high due to the fact that the build scripts immediately start a build after Gradle has been fetched. Developers who are concerned about this issue should install version 6.1.2 or higher of Cordova-Android. If developers are unable to install the latest version, this vulnerability can easily be mitigated by setting the CORDOVA_ANDROID_GRADLE_DISTRIBUTION_URL environment variable to https://services.gradle.org/distributions/gradle-2.14.1-all.zip"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Man-in-the-Middle vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-15T21:06:41",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cordova.apache.org/announcements/2017/01/27/android-612.html"
},
{
"name": "95838",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95838"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-01-27T00:00:00",
"ID": "CVE-2017-3160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Cordova Android",
"version": {
"version_data": [
{
"version_value": "Apache Cordova 6.1.0 and below"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not safe. The severity of this issue is high due to the fact that the build scripts immediately start a build after Gradle has been fetched. Developers who are concerned about this issue should install version 6.1.2 or higher of Cordova-Android. If developers are unable to install the latest version, this vulnerability can easily be mitigated by setting the CORDOVA_ANDROID_GRADLE_DISTRIBUTION_URL environment variable to https://services.gradle.org/distributions/gradle-2.14.1-all.zip"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Man-in-the-Middle vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cordova.apache.org/announcements/2017/01/27/android-612.html",
"refsource": "MISC",
"url": "https://cordova.apache.org/announcements/2017/01/27/android-612.html"
},
{
"name": "95838",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95838"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-3160",
"datePublished": "2018-02-01T21:00:00Z",
"dateReserved": "2016-12-05T00:00:00",
"dateUpdated": "2024-09-16T19:56:14.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5207 (GCVE-0-2015-5207)
Vulnerability from cvelistv5
Published
2016-05-09 20:00
Modified
2024-08-06 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:41:08.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/136840/Apache-Cordova-iOS-3.9.1-Access-Bypass.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
},
{
"name": "JVNDB-2016-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000058.html"
},
{
"name": "20160427 CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538211/100/0/threaded"
},
{
"name": "88764",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/88764"
},
{
"name": "JVN#35341085",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN35341085/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/136840/Apache-Cordova-iOS-3.9.1-Access-Bypass.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
},
{
"name": "JVNDB-2016-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000058.html"
},
{
"name": "20160427 CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538211/100/0/threaded"
},
{
"name": "88764",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/88764"
},
{
"name": "JVN#35341085",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN35341085/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/136840/Apache-Cordova-iOS-3.9.1-Access-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136840/Apache-Cordova-iOS-3.9.1-Access-Bypass.html"
},
{
"name": "https://cordova.apache.org/announcements/2016/04/27/security.html",
"refsource": "CONFIRM",
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
},
{
"name": "JVNDB-2016-000058",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000058.html"
},
{
"name": "20160427 CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538211/100/0/threaded"
},
{
"name": "88764",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/88764"
},
{
"name": "JVN#35341085",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN35341085/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-5207",
"datePublished": "2016-05-09T20:00:00",
"dateReserved": "2015-07-01T00:00:00",
"dateUpdated": "2024-08-06T06:41:08.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0072 (GCVE-0-2014-0072)
Vulnerability from cvelistv5
Published
2017-10-30 19:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file-transfer) before 0.4.2 for iOS and the File-Transfer plugin for iOS from Cordova 2.4.0 through 2.9.0 might allow remote attackers to spoof SSL servers by leveraging a default value of true for the trustAllHosts option.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:05:38.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/531335/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/apache/cordova-plugin-file-transfer/commit/a1d6fc07e8a40c1b2b16f4103c403b30e1089668"
},
{
"name": "20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/29"
},
{
"name": "apache-cordova-cve20140072-weak-security(91561)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91561"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://d3adend.org/blog/?p=403"
},
{
"name": "[cordova-dev] 20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXKL9JtkehHC0jEoRwdvVKXt-d5uj40EwNY-Gk3ttX=wJw%40mail.gmail.com%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file-transfer) before 0.4.2 for iOS and the File-Transfer plugin for iOS from Cordova 2.4.0 through 2.9.0 might allow remote attackers to spoof SSL servers by leveraging a default value of true for the trustAllHosts option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/531335/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/apache/cordova-plugin-file-transfer/commit/a1d6fc07e8a40c1b2b16f4103c403b30e1089668"
},
{
"name": "20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/29"
},
{
"name": "apache-cordova-cve20140072-weak-security(91561)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91561"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://d3adend.org/blog/?p=403"
},
{
"name": "[cordova-dev] 20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXKL9JtkehHC0jEoRwdvVKXt-d5uj40EwNY-Gk3ttX=wJw%40mail.gmail.com%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file-transfer) before 0.4.2 for iOS and the File-Transfer plugin for iOS from Cordova 2.4.0 through 2.9.0 might allow remote attackers to spoof SSL servers by leveraging a default value of true for the trustAllHosts option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531335/100/0/threaded"
},
{
"name": "https://github.com/apache/cordova-plugin-file-transfer/commit/a1d6fc07e8a40c1b2b16f4103c403b30e1089668",
"refsource": "CONFIRM",
"url": "https://github.com/apache/cordova-plugin-file-transfer/commit/a1d6fc07e8a40c1b2b16f4103c403b30e1089668"
},
{
"name": "20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Mar/29"
},
{
"name": "apache-cordova-cve20140072-weak-security(91561)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91561"
},
{
"name": "http://d3adend.org/blog/?p=403",
"refsource": "MISC",
"url": "http://d3adend.org/blog/?p=403"
},
{
"name": "[cordova-dev] 20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults",
"refsource": "MLIST",
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXKL9JtkehHC0jEoRwdvVKXt-d5uj40EwNY-Gk3ttX=wJw@mail.gmail.com%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0072",
"datePublished": "2017-10-30T19:00:00",
"dateReserved": "2013-12-03T00:00:00",
"dateUpdated": "2024-08-06T09:05:38.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3502 (GCVE-0-2014-3502)
Vulnerability from cvelistv5
Published
2014-11-15 21:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:06.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "69046",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69046"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cordova.apache.org/announcements/2014/08/06/android-351-update.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-15T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "69046",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69046"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cordova.apache.org/announcements/2014/08/06/android-351-update.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "69046",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69046"
},
{
"name": "http://cordova.apache.org/announcements/2014/08/04/android-351.html",
"refsource": "CONFIRM",
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"name": "http://cordova.apache.org/announcements/2014/08/06/android-351-update.html",
"refsource": "CONFIRM",
"url": "http://cordova.apache.org/announcements/2014/08/06/android-351-update.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3502",
"datePublished": "2014-11-15T21:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:43:06.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5256 (GCVE-0-2015-5256)
Vulnerability from cvelistv5
Published
2015-11-23 11:00
Modified
2024-08-06 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly implements a JavaScript whitelist protection mechanism, which allows attackers to bypass intended access restrictions via a crafted URI.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:41:08.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20151120 Fwd: CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536944/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134497/Apache-Cordova-3.7.2-Whitelist-Failure.html"
},
{
"name": "JVNDB-2015-000187",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000187.html"
},
{
"name": "77677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77677"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
},
{
"name": "JVN#18889193",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN18889193/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly implements a JavaScript whitelist protection mechanism, which allows attackers to bypass intended access restrictions via a crafted URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20151120 Fwd: CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536944/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134497/Apache-Cordova-3.7.2-Whitelist-Failure.html"
},
{
"name": "JVNDB-2015-000187",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000187.html"
},
{
"name": "77677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77677"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
},
{
"name": "JVN#18889193",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN18889193/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly implements a JavaScript whitelist protection mechanism, which allows attackers to bypass intended access restrictions via a crafted URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20151120 Fwd: CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536944/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/134497/Apache-Cordova-3.7.2-Whitelist-Failure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134497/Apache-Cordova-3.7.2-Whitelist-Failure.html"
},
{
"name": "JVNDB-2015-000187",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000187.html"
},
{
"name": "77677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77677"
},
{
"name": "https://cordova.apache.org/announcements/2015/11/20/security.html",
"refsource": "CONFIRM",
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
},
{
"name": "JVN#18889193",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN18889193/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-5256",
"datePublished": "2015-11-23T11:00:00",
"dateReserved": "2015-07-01T00:00:00",
"dateUpdated": "2024-08-06T06:41:08.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6637 (GCVE-0-2012-6637)
Vulnerability from cvelistv5
Published
2014-03-03 02:00
Modified
2024-08-06 21:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as an initial substring.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:01.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.mwrinfosecurity.com/blog/2012/04/30/building-android-javajavascript-bridges/"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as an initial substring."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-03T01:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.mwrinfosecurity.com/blog/2012/04/30/building-android-javajavascript-bridges/"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as an initial substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"name": "http://www.internetsociety.org/ndss2014/programme#session3",
"refsource": "MISC",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "http://labs.mwrinfosecurity.com/blog/2012/04/30/building-android-javajavascript-bridges/",
"refsource": "MISC",
"url": "http://labs.mwrinfosecurity.com/blog/2012/04/30/building-android-javajavascript-bridges/"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"name": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6637",
"datePublished": "2014-03-03T02:00:00",
"dateReserved": "2014-02-07T00:00:00",
"dateUpdated": "2024-08-06T21:36:01.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1882 (GCVE-0-2014-1882)
Vulnerability from cvelistv5
Published
2014-03-03 02:00
Modified
2024-08-06 09:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated by certain cordova.require calls.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:14.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated by certain cordova.require calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-03T01:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated by certain cordova.require calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"name": "http://www.internetsociety.org/ndss2014/programme#session3",
"refsource": "MISC",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"name": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1882",
"datePublished": "2014-03-03T02:00:00",
"dateReserved": "2014-02-07T00:00:00",
"dateUpdated": "2024-08-06T09:58:14.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5208 (GCVE-0-2015-5208)
Vulnerability from cvelistv5
Published
2016-05-09 20:00
Modified
2024-08-06 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:41:09.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
},
{
"name": "JVN#41772178",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN41772178/index.html"
},
{
"name": "JVNDB-2016-000059",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000059.html"
},
{
"name": "88797",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/88797"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html"
},
{
"name": "20160427 CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538210/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
},
{
"name": "JVN#41772178",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN41772178/index.html"
},
{
"name": "JVNDB-2016-000059",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000059.html"
},
{
"name": "88797",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/88797"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html"
},
{
"name": "20160427 CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538210/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cordova.apache.org/announcements/2016/04/27/security.html",
"refsource": "CONFIRM",
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
},
{
"name": "JVN#41772178",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN41772178/index.html"
},
{
"name": "JVNDB-2016-000059",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000059.html"
},
{
"name": "88797",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/88797"
},
{
"name": "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html"
},
{
"name": "20160427 CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538210/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-5208",
"datePublished": "2016-05-09T20:00:00",
"dateReserved": "2015-07-01T00:00:00",
"dateUpdated": "2024-08-06T06:41:09.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2014-11-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:3.5.0:*:*:*:*:android:*:*",
"matchCriteriaId": "43A4D9C1-7942-45BF-9016-A7791CAE8B8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent."
},
{
"lang": "es",
"value": "Apache Cordova Android anterior a 3.5.1 permite a atacantes remotos abrir y enviar datos a aplicaciones arbitrarias a trav\u00e9s una URL con un esquema URI manipulado para un intento Android."
}
],
"id": "CVE-2014-3502",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-15T21:59:04.227",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://cordova.apache.org/announcements/2014/08/06/android-351-update.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/69046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://cordova.apache.org/announcements/2014/08/06/android-351-update.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69046"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-05-09 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods (Log.v(), Log.d(), Log.i(), Log.w(), and Log.e()) are stored in a series of circular buffers on the device. By default, a maximum of four 16 KB rotated logs are kept in addition to the current log. The logged data can be read using Logcat on the device. When using platforms prior to Android 4.1 (Jelly Bean), the log data is not sandboxed per application; any application installed on the device has the capability to read data logged by other applications.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:android:*:*",
"matchCriteriaId": "C5AF4A21-17E3-492A-BEA9-73C891342BAD",
"versionEndIncluding": "5.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods (Log.v(), Log.d(), Log.i(), Log.w(), and Log.e()) are stored in a series of circular buffers on the device. By default, a maximum of four 16 KB rotated logs are kept in addition to the current log. The logged data can be read using Logcat on the device. When using platforms prior to Android 4.1 (Jelly Bean), the log data is not sandboxed per application; any application installed on the device has the capability to read data logged by other applications."
},
{
"lang": "es",
"value": "Producto: Apache Cordova Android versiones 5.2.2 y anteriores. La aplicaci\u00f3n llama a los m\u00e9todos de la clase Log. Los mensajes pasados hacia estos m\u00e9todos (Log.v(), Log.d(), Log.i(), Log.w(), y Log.e()) son almacenados en una serie de b\u00faferes circulares en el dispositivo. Por defecto, se guardan un m\u00e1ximo de cuatro registros rotatorios de 16 KB adem\u00e1s del registro actual. Los datos registrados pueden ser le\u00eddos con Logcat en el dispositivo. Cuando se usan plataformas anteriores a Android versi\u00f3n 4.1 (Jelly Bean), los datos de registro no son procesados por un sandbox por aplicaci\u00f3n; cualquier aplicaci\u00f3n instalada en el dispositivo tiene la capacidad de leer los datos registrados mediante otras aplicaciones."
}
],
"id": "CVE-2016-6799",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-09T15:29:00.203",
"references": [
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98365"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/1f3e7b0319d64b455f73616f572acee36fbca31f87f5b2e509c45b69%40%3Cdev.cordova.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/1f3e7b0319d64b455f73616f572acee36fbca31f87f5b2e509c45b69%40%3Cdev.cordova.apache.org%3E"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-03 04:50
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as an initial substring.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | cordova | * | |
| apache | cordova | 3.0.0 | |
| apache | cordova | 3.0.0 | |
| apache | cordova | 3.1.0 | |
| apache | cordova | 3.1.0 | |
| apache | cordova | 3.2.0 | |
| apache | cordova | 3.2.0 | |
| apache | cordova | 3.3.0 | |
| adobe | phonegap | * | |
| adobe | phonegap | 2.0.0 | |
| adobe | phonegap | 2.0.0 | |
| adobe | phonegap | 2.1.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.4.0 | |
| adobe | phonegap | 2.4.0 | |
| adobe | phonegap | 2.5.0 | |
| adobe | phonegap | 2.5.0 | |
| adobe | phonegap | 2.6.0 | |
| adobe | phonegap | 2.6.0 | |
| adobe | phonegap | 2.7.0 | |
| adobe | phonegap | 2.7.0 | |
| adobe | phonegap | 2.8.0 | |
| adobe | phonegap | 2.8.1 | |
| adobe | phonegap | 2.9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66A5703F-E43E-4F18-AC7B-534761942DCC",
"versionEndIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74BBFE10-2CB5-446D-9D83-E5C39F6F47C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "273742B5-559F-4BC5-994E-D559D4008108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2A0ACB-2E9C-4639-8C9B-4F0004C8DF9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F8A468C2-55F1-4C6C-A547-D7E5B68EABC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C93B210-E664-447B-8859-0432CE8D4F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D8F8721A-3968-438A-967D-B8B911F73CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CE1A4A77-DC7F-4C97-A7FC-5BF7E73D5DB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:phonegap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE71EC19-A23D-45B1-984B-DDD27A3DF2F8",
"versionEndIncluding": "2.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B05BE6-D8DA-40C8-BA86-67B1FD906975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C57DD500-22A7-4209-AEF7-DC8930F1BDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16EC33AF-5D22-418D-8604-EB549A197209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8124E0-6A2F-493E-875E-1D0E613A366B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D6D5BDFF-A635-45D6-A346-754BFACD00A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0A0B3637-4927-47AD-87A0-EE411C12EE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6451A3E-BEB0-4EE0-AD88-8CE3E048CB10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EBEEDD73-74C5-4299-8509-324A829623D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0BC85762-A07D-4C44-8458-08FC2F717462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C19E85E-6E96-4F24-8A10-393B9DB1770F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CA489695-A354-4921-903F-65AD650BCB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B534832-D498-4881-AC3D-342FE50FC405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4C20AC3F-8A9D-4450-AB38-2FC4A19605F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7121F63A-3A8E-458F-87F2-DFA5A16802AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DC93C958-7FBC-427E-89E4-C84B97471EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F81B0017-2BF3-4315-BFF5-B7CD5DF98A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7535E5BD-A4F0-45B9-BA79-8FE2783A58D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDC0304-7948-41DF-A330-1773E3B6336B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "695CDE63-FDA3-4EDC-8D1E-D8921CCD3B54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F500CA59-28E5-4EC0-B698-2A26DD4BCC46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as an initial substring."
},
{
"lang": "es",
"value": "Apache Cordova 3.3.0 y anteriores y Adobe PhoneGap 2.9.0 y anteriores no identifican las expresiones regulares del final de un nombre de dominio, lo que permite a atacantes remotos evadir un mecanismo de protecci\u00f3n de lista blanca a trav\u00e9s de un nombre de dominio que contiene un nombre aceptable como subcadena inicial."
}
],
"id": "CVE-2012-6637",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-03T04:50:46.203",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.mwrinfosecurity.com/blog/2012/04/30/building-android-javajavascript-bridges/"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.mwrinfosecurity.com/blog/2012/04/30/building-android-javajavascript-bridges/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-23 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly implements a JavaScript whitelist protection mechanism, which allows attackers to bypass intended access restrictions via a crafted URI.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:android:*:*",
"matchCriteriaId": "6C258FB7-4FE2-48EB-9B95-2544F84AA3B3",
"versionEndIncluding": "3.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly implements a JavaScript whitelist protection mechanism, which allows attackers to bypass intended access restrictions via a crafted URI."
},
{
"lang": "es",
"value": "Apache Cordova-Android en versiones anteriores a 4.1.0, cuando una aplicaci\u00f3n conf\u00eda en un servidor remoto, implementa de manera incorrecta un mecanismo de protecci\u00f3n de lista blanca JavaScript, lo que permite a atacantes eludir las restricciones destinadas al acceso a trav\u00e9s de una URI manipulada."
}
],
"id": "CVE-2015-5256",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-11-23T11:59:00.127",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://jvn.jp/en/jp/JVN18889193/index.html"
},
{
"source": "secalert@redhat.com",
"url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000187.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/134497/Apache-Cordova-3.7.2-Whitelist-Failure.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/536944/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/77677"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN18889193/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000187.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/134497/Apache-Cordova-3.7.2-Whitelist-Failure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536944/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-01 17:15
Modified
2024-11-21 04:59
Severity ?
Summary
We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@apache.org | http://jvn.jp/en/jp/JVN59779918/index.html | Third Party Advisory | |
| security@apache.org | https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/en/jp/JVN59779918/index.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html | Release Notes, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:4.1.0:*:*:*:*:android:*:*",
"matchCriteriaId": "D93463B8-20CA-49B2-AE62-50D4C75B418B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally."
},
{
"lang": "es",
"value": "Hemos resuelto un problema de seguridad en el plugin de la c\u00e1mara que podr\u00eda haber afectado a determinadas aplicaciones de Cordova (Android).\u0026#xa0;Un atacante que pudiera instalar (o hacer que la v\u00edctima instale) una aplicaci\u00f3n de Android especialmente dise\u00f1ada (o maliciosa) podr\u00eda acceder a las im\u00e1genes tomadas con la aplicaci\u00f3n externamente"
}
],
"id": "CVE-2020-11990",
"lastModified": "2024-11-21T04:59:03.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-01T17:15:13.133",
"references": [
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN59779918/index.html"
},
{
"source": "security@apache.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN59779918/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-03 04:50
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated by certain cordova.require calls.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | phonegap | * | |
| adobe | phonegap | 2.0.0 | |
| adobe | phonegap | 2.0.0 | |
| adobe | phonegap | 2.1.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.4.0 | |
| adobe | phonegap | 2.4.0 | |
| adobe | phonegap | 2.5.0 | |
| adobe | phonegap | 2.5.0 | |
| adobe | phonegap | 2.6.0 | |
| adobe | phonegap | 2.6.0 | |
| adobe | phonegap | 2.7.0 | |
| adobe | phonegap | 2.7.0 | |
| adobe | phonegap | 2.8.0 | |
| adobe | phonegap | 2.8.1 | |
| adobe | phonegap | 2.9.0 | |
| apache | cordova | * | |
| apache | cordova | 3.0.0 | |
| apache | cordova | 3.0.0 | |
| apache | cordova | 3.1.0 | |
| apache | cordova | 3.1.0 | |
| apache | cordova | 3.2.0 | |
| apache | cordova | 3.2.0 | |
| apache | cordova | 3.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:phonegap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE71EC19-A23D-45B1-984B-DDD27A3DF2F8",
"versionEndIncluding": "2.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B05BE6-D8DA-40C8-BA86-67B1FD906975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C57DD500-22A7-4209-AEF7-DC8930F1BDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16EC33AF-5D22-418D-8604-EB549A197209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8124E0-6A2F-493E-875E-1D0E613A366B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D6D5BDFF-A635-45D6-A346-754BFACD00A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0A0B3637-4927-47AD-87A0-EE411C12EE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6451A3E-BEB0-4EE0-AD88-8CE3E048CB10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EBEEDD73-74C5-4299-8509-324A829623D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0BC85762-A07D-4C44-8458-08FC2F717462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C19E85E-6E96-4F24-8A10-393B9DB1770F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CA489695-A354-4921-903F-65AD650BCB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B534832-D498-4881-AC3D-342FE50FC405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4C20AC3F-8A9D-4450-AB38-2FC4A19605F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7121F63A-3A8E-458F-87F2-DFA5A16802AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DC93C958-7FBC-427E-89E4-C84B97471EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F81B0017-2BF3-4315-BFF5-B7CD5DF98A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7535E5BD-A4F0-45B9-BA79-8FE2783A58D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDC0304-7948-41DF-A330-1773E3B6336B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "695CDE63-FDA3-4EDC-8D1E-D8921CCD3B54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F500CA59-28E5-4EC0-B698-2A26DD4BCC46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66A5703F-E43E-4F18-AC7B-534761942DCC",
"versionEndIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74BBFE10-2CB5-446D-9D83-E5C39F6F47C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "273742B5-559F-4BC5-994E-D559D4008108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2A0ACB-2E9C-4639-8C9B-4F0004C8DF9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F8A468C2-55F1-4C6C-A547-D7E5B68EABC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C93B210-E664-447B-8859-0432CE8D4F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D8F8721A-3968-438A-967D-B8B911F73CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CE1A4A77-DC7F-4C97-A7FC-5BF7E73D5DB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated by certain cordova.require calls."
},
{
"lang": "es",
"value": "Apache Cordova 3.3.0 y anteriores y Adobe PhoneGap 2.9.0 y anteriores permiten a atacantes remotos evadir restricciones \"device-resource\" de un puente basado en eventos a trav\u00e9s de un clon de librer\u00eda manipulada que aprovecha la ejecuci\u00f3n de script IFRAME y acceda directamente objetos JavaScript puente, tal y como se demostr\u00f3 con ciertas llamadas cordova.require."
}
],
"id": "CVE-2014-1882",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-03T04:50:46.283",
"references": [
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"source": "cve@mitre.org",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-09 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "BA6EE506-56CA-4B72-9C7B-DF832C3BFF2B",
"versionEndIncluding": "3.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link."
},
{
"lang": "es",
"value": "Apache Cordova iOS en versiones anteriores a 4.0.0 permite a atacantes remotos ejecutar plugins arbitrarios a trav\u00e9s de un enlace."
}
],
"id": "CVE-2015-5208",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-09T20:59:02.417",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://jvn.jp/en/jp/JVN41772178/index.html"
},
{
"source": "secalert@redhat.com",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000059.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/538210/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/88797"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN41772178/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/538210/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/88797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-30 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file-transfer) before 0.4.2 for iOS and the File-Transfer plugin for iOS from Cordova 2.4.0 through 2.9.0 might allow remote attackers to spoof SSL servers by leveraging a default value of true for the trustAllHosts option.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | cordova_file_transfer | * | |
| apache | cordova | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova_file_transfer:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "6BB4806B-8C36-4438-B7CF-CE7AB4EDB949",
"versionEndIncluding": "0.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "AAAEF4EC-AAD2-4E7E-909E-E215270D10AF",
"versionEndIncluding": "2.9.0",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file-transfer) before 0.4.2 for iOS and the File-Transfer plugin for iOS from Cordova 2.4.0 through 2.9.0 might allow remote attackers to spoof SSL servers by leveraging a default value of true for the trustAllHosts option."
},
{
"lang": "es",
"value": "ios/CDVFileTransfer.m en el plugin independiente Apache Cordova File-Transfer (org.apache.cordova.file-transfer) en versiones anteriores a la 0.4.2 para iOS y el plugin File-Transfer para iOS de Cordova desde la versi\u00f3n 2.4.0 hasta la 2.9.0 podr\u00eda permitir que atacantes remotos suplanten servidores SSL aprovechando un valor true por defecto para la opci\u00f3n trustAllHosts."
}
],
"id": "CVE-2014-0072",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-30T19:29:00.327",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://d3adend.org/blog/?p=403"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/29"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/531335/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91561"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/apache/cordova-plugin-file-transfer/commit/a1d6fc07e8a40c1b2b16f4103c403b30e1089668"
},
{
"source": "secalert@redhat.com",
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXKL9JtkehHC0jEoRwdvVKXt-d5uj40EwNY-Gk3ttX=wJw%40mail.gmail.com%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://d3adend.org/blog/?p=403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/531335/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/apache/cordova-plugin-file-transfer/commit/a1d6fc07e8a40c1b2b16f4103c403b30e1089668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXKL9JtkehHC0jEoRwdvVKXt-d5uj40EwNY-Gk3ttX=wJw%40mail.gmail.com%3E"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-03 04:50
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | cordova | * | |
| apache | cordova | 3.0.0 | |
| apache | cordova | 3.0.0 | |
| apache | cordova | 3.1.0 | |
| apache | cordova | 3.1.0 | |
| apache | cordova | 3.2.0 | |
| apache | cordova | 3.2.0 | |
| apache | cordova | 3.3.0 | |
| microsoft | windows_phone | 7 | |
| microsoft | windows_phone | 8 | |
| adobe | phonegap | * | |
| adobe | phonegap | 2.0.0 | |
| adobe | phonegap | 2.0.0 | |
| adobe | phonegap | 2.1.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.4.0 | |
| adobe | phonegap | 2.4.0 | |
| adobe | phonegap | 2.5.0 | |
| adobe | phonegap | 2.5.0 | |
| adobe | phonegap | 2.6.0 | |
| adobe | phonegap | 2.6.0 | |
| adobe | phonegap | 2.7.0 | |
| adobe | phonegap | 2.7.0 | |
| adobe | phonegap | 2.8.0 | |
| adobe | phonegap | 2.8.1 | |
| adobe | phonegap | 2.9.0 | |
| microsoft | windows_phone | 7 | |
| microsoft | windows_phone | 8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66A5703F-E43E-4F18-AC7B-534761942DCC",
"versionEndIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74BBFE10-2CB5-446D-9D83-E5C39F6F47C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "273742B5-559F-4BC5-994E-D559D4008108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2A0ACB-2E9C-4639-8C9B-4F0004C8DF9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F8A468C2-55F1-4C6C-A547-D7E5B68EABC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C93B210-E664-447B-8859-0432CE8D4F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D8F8721A-3968-438A-967D-B8B911F73CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CE1A4A77-DC7F-4C97-A7FC-5BF7E73D5DB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_phone:7:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF422A0-389C-4C86-9A9D-5917F7F34E6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_phone:8:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDA3A48-1527-4B8F-AE9E-9D405CC7D253",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:phonegap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE71EC19-A23D-45B1-984B-DDD27A3DF2F8",
"versionEndIncluding": "2.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B05BE6-D8DA-40C8-BA86-67B1FD906975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C57DD500-22A7-4209-AEF7-DC8930F1BDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16EC33AF-5D22-418D-8604-EB549A197209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8124E0-6A2F-493E-875E-1D0E613A366B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D6D5BDFF-A635-45D6-A346-754BFACD00A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0A0B3637-4927-47AD-87A0-EE411C12EE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6451A3E-BEB0-4EE0-AD88-8CE3E048CB10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EBEEDD73-74C5-4299-8509-324A829623D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0BC85762-A07D-4C44-8458-08FC2F717462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C19E85E-6E96-4F24-8A10-393B9DB1770F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CA489695-A354-4921-903F-65AD650BCB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B534832-D498-4881-AC3D-342FE50FC405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4C20AC3F-8A9D-4450-AB38-2FC4A19605F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7121F63A-3A8E-458F-87F2-DFA5A16802AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DC93C958-7FBC-427E-89E4-C84B97471EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F81B0017-2BF3-4315-BFF5-B7CD5DF98A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7535E5BD-A4F0-45B9-BA79-8FE2783A58D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDC0304-7948-41DF-A330-1773E3B6336B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "695CDE63-FDA3-4EDC-8D1E-D8921CCD3B54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F500CA59-28E5-4EC0-B698-2A26DD4BCC46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_phone:7:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF422A0-389C-4C86-9A9D-5917F7F34E6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_phone:8:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDA3A48-1527-4B8F-AE9E-9D405CC7D253",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application."
},
{
"lang": "es",
"value": "Apache Cordova 3.3.0 y anteriores y Adobe PhoneGap 2.9.0 y anteriores en Windows Phone 7 y 8 no restringen debidamente eventos de navegaci\u00f3n, lo que permite a atacantes remotos evadir restricciones \"device-resource\" a trav\u00e9s de contenido que es accedido (1) en un elemento IFRAME o (2) con el m\u00e9todo XMLHttpRequest mediante una aplicaci\u00f3n manipulada."
}
],
"id": "CVE-2014-1884",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-03T04:50:46.343",
"references": [
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-30 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote attackers to execute arbitrary JavaScript in the host page and consequently gain privileges via a crafted gap-iab: URI.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | cordova_in-app-browser | * | |
| apache | cordova | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova_in-app-browser:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "F00503CE-5126-459D-A86C-4EBD03AADBDD",
"versionEndIncluding": "0.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "9A33FFF9-7ECC-4C8D-AEA6-4C33A958A3D5",
"versionEndIncluding": "2.9.0",
"versionStartIncluding": "2.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote attackers to execute arbitrary JavaScript in the host page and consequently gain privileges via a crafted gap-iab: URI."
},
{
"lang": "es",
"value": "La clase CDVInAppBrowser en el plugin independiente Apache Cordova In-App-Browser (org.apache.cordova.inappbrowser) en versiones anteriores a la 0.3.2 para iOS y el plugin In-App-Browser para iOS de Cordova desde la versi\u00f3n 2.6.0 hasta la 2.9.0 no valida correctamente los identificadores de devoluci\u00f3n de llamada. Esto permite que atacantes remotos ejecuten c\u00f3digo JavaScript arbitrario en la p\u00e1gina del host y, consecuentemente, obtengan privilegios mediante un URI gap-iab: manipulado."
}
],
"id": "CVE-2014-0073",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-30T19:29:00.373",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://d3adend.org/blog/?p=403"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/30"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/531334/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65959"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91560"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/apache/cordova-plugin-inappbrowser/commit/26702cb0720c5c394b407c23570136c53171fa55"
},
{
"source": "secalert@redhat.com",
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXLGJag5Q9ATUCbFtkWvMWX9XnC80kKp-HKi25gPcvV4gw%40mail.gmail.com%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://d3adend.org/blog/?p=403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Mar/30"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/531334/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/apache/cordova-plugin-inappbrowser/commit/26702cb0720c5c394b407c23570136c53171fa55"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://mail-archives.apache.org/mod_mbox/cordova-dev/201403.mbox/%3CCAK_TSXLGJag5Q9ATUCbFtkWvMWX9XnC80kKp-HKi25gPcvV4gw%40mail.gmail.com%3E"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-16 17:15
Modified
2025-02-13 20:06
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| systeminformation | systeminformation | * | |
| apache | cordova | 10.0.0 |
{
"cisaActionDue": "2022-02-01",
"cisaExploitAdd": "2022-01-18",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "System Information Library for Node.JS Command Injection",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systeminformation:systeminformation:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "52B945D4-063D-4674-9AF0-12AD903B3B55",
"versionEndExcluding": "5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:10.0.0:*:*:*:*:-:*:*",
"matchCriteriaId": "480219C3-0BEA-4B50-979E-88EA4E8F1DD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The System Information Library for Node.JS (npm package \"systeminformation\") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected."
},
{
"lang": "es",
"value": "La Biblioteca System Information para Node.JS (paquete npm \"systeminformation\") es una colecci\u00f3n de funciones de c\u00f3digo abierto para recuperar informaci\u00f3n detallada sobre el hardware, el sistema y el SO. En systeminformation versiones anteriores a 5.3.1, se presenta una vulnerabilidad de inyecci\u00f3n de comandos. El problema se ha corregido en la versi\u00f3n 5.3.1. Como soluci\u00f3n en lugar de actualizar, aseg\u00farese de comprobar o sanear los par\u00e1metros de servicio que son pasados a las funciones si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... s\u00f3lo permiten cadenas, rechazan cualquier matriz. El saneamiento de cadenas funciona como se esperaba"
}
],
"id": "CVE-2021-21315",
"lastModified": "2025-02-13T20:06:17.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.0,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-16T17:15:13.050",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Mailing List"
],
"url": "https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05%40%3Cissues.cordova.apache.org%3E"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210312-0007/"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://www.npmjs.com/package/systeminformation"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List"
],
"url": "https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05%40%3Cissues.cordova.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210312-0007/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.npmjs.com/package/systeminformation"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:3.5.0:*:*:*:*:android:*:*",
"matchCriteriaId": "43A4D9C1-7942-45BF-9016-A7791CAE8B8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView."
},
{
"lang": "es",
"value": "Apache Cordova Android anterior a 3.5.1 permite a atacantes remotos saltar la whitelist de HTTP y conectarse a servidores arbitrarios usando JavaScript para abrir las conexiones de WebSocket a trav\u00e9s de WebView."
}
],
"id": "CVE-2014-3501",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-11-15T21:59:03.023",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/69041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69041"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-23 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:android:*:*",
"matchCriteriaId": "6C258FB7-4FE2-48EB-9B95-2544F84AA3B3",
"versionEndIncluding": "3.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value."
},
{
"lang": "es",
"value": "Apache Cordova-Android en versiones anteriores a 3.7.0 genera de manera incorrecta valores aleatorios para datos BridgeSecret, lo que facilita a atacantes llevar a cabo ataques de secuestro de puente mediante la predicci\u00f3n de un valor."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/330.html\"\u003eCWE-330: Use of Insufficiently Random Values\u003c/a\u003e",
"id": "CVE-2015-8320",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-23T11:59:01.863",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/536945/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/77679"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536945/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2015/11/20/security.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-27 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/ | Exploit, Technical Description, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/74866 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://cordova.apache.org/announcements/2015/05/26/android-402.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/ | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/74866 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cordova.apache.org/announcements/2015/05/26/android-402.html | Release Notes, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:android:*:*",
"matchCriteriaId": "B847498C-3CDC-4BFA-A704-FE05A1D12261",
"versionEndIncluding": "3.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:4.0.0:*:*:*:*:android:*:*",
"matchCriteriaId": "91B10150-515B-4B60-88CE-BA536FEE2740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:4.0.1:*:*:*:*:android:*:*",
"matchCriteriaId": "C3419E8A-8461-4BEE-95F7-82AB6071050B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL."
},
{
"lang": "es",
"value": "Apache Cordova Android en versiones anteriores a la 3.7.2 y versiones 4.x anteriores a la 4.0.2, cuando una aplicaci\u00f3n no establece valores expl\u00edcitos en config.xml, permite que atacantes remotos modifiquen variables de configuraci\u00f3n secundarias no definidas (preferencias) mediante una URL intent: manipulada."
}
],
"id": "CVE-2015-1835",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-27T19:29:00.300",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74866"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2015/05/26/android-402.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2015/05/26/android-402.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:android:*:*",
"matchCriteriaId": "AB433CD9-DE60-489E-889D-7559F23136A1",
"versionEndIncluding": "3.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL."
},
{
"lang": "es",
"value": "Vulnerabilidad en la aplicaci\u00f3n Apache Cordova para Android en versiones inferiores a la 3.5.1 permite a atacantes remotos cambiar la p\u00e1gina de inicio a trav\u00e9s de URL manipuladas."
}
],
"id": "CVE-2014-3500",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-15T21:59:01.460",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/69038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://cordova.apache.org/announcements/2014/08/04/android-351.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69038"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-01 21:29
Modified
2024-11-21 03:24
Severity ?
Summary
After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not safe. The severity of this issue is high due to the fact that the build scripts immediately start a build after Gradle has been fetched. Developers who are concerned about this issue should install version 6.1.2 or higher of Cordova-Android. If developers are unable to install the latest version, this vulnerability can easily be mitigated by setting the CORDOVA_ANDROID_GRADLE_DISTRIBUTION_URL environment variable to https://services.gradle.org/distributions/gradle-2.14.1-all.zip
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@apache.org | http://www.securityfocus.com/bid/95838 | Third Party Advisory, VDB Entry | |
| security@apache.org | https://cordova.apache.org/announcements/2017/01/27/android-612.html | Mitigation, Vendor Advisory | |
| security@apache.org | https://www.oracle.com/security-alerts/cpuapr2020.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95838 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cordova.apache.org/announcements/2017/01/27/android-612.html | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:android:*:*",
"matchCriteriaId": "022BC79F-AC22-41B8-B6AF-BC027E8F38D1",
"versionEndExcluding": "6.1.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not safe. The severity of this issue is high due to the fact that the build scripts immediately start a build after Gradle has been fetched. Developers who are concerned about this issue should install version 6.1.2 or higher of Cordova-Android. If developers are unable to install the latest version, this vulnerability can easily be mitigated by setting the CORDOVA_ANDROID_GRADLE_DISTRIBUTION_URL environment variable to https://services.gradle.org/distributions/gradle-2.14.1-all.zip"
},
{
"lang": "es",
"value": "Despu\u00e9s de a\u00f1adir la plataforma Android a Cordova por primera vez o despu\u00e9s de crear un proyecto utilizando los build scripts, los scripts recuperar\u00e1n Gradle en su primera build. Sin embargo, dado que la URI por defecto no utiliza https, es vulnerable a MiTM y el ejecutable Gradle no es seguro. La criticidad de esta vulnerabilidad es alta dado que los build scripts empiezan inmediatamente una build despu\u00e9s de que se recupere Gradle. Los desarrolladores que sean conscientes de este problema deber\u00edan instalar la versi\u00f3n 6.1.2 o superior de Cordova-Android. Si los desarrolladores no pueden instalar la \u00faltima versi\u00f3n, esta vulnerabilidad se puede mitigar f\u00e1cilmente configurando la variable de entorno CORDOVA_ANDROID_GRADLE_DISTRIBUTION_URL en https://services.gradle.org/distributions/gradle-2.14.1-all.zip."
}
],
"id": "CVE-2017-3160",
"lastModified": "2024-11-21T03:24:57.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-01T21:29:00.197",
"references": [
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95838"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2017/01/27/android-612.html"
},
{
"source": "security@apache.org",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2017/01/27/android-612.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-03 04:50
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler return value as an alternative to correct synchronization.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | cordova | * | |
| apache | cordova | 3.0.0 | |
| apache | cordova | 3.0.0 | |
| apache | cordova | 3.1.0 | |
| apache | cordova | 3.1.0 | |
| apache | cordova | 3.2.0 | |
| apache | cordova | 3.2.0 | |
| apache | cordova | 3.3.0 | |
| adobe | phonegap | * | |
| adobe | phonegap | 2.0.0 | |
| adobe | phonegap | 2.0.0 | |
| adobe | phonegap | 2.1.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.2.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.3.0 | |
| adobe | phonegap | 2.4.0 | |
| adobe | phonegap | 2.4.0 | |
| adobe | phonegap | 2.5.0 | |
| adobe | phonegap | 2.5.0 | |
| adobe | phonegap | 2.6.0 | |
| adobe | phonegap | 2.6.0 | |
| adobe | phonegap | 2.7.0 | |
| adobe | phonegap | 2.7.0 | |
| adobe | phonegap | 2.8.0 | |
| adobe | phonegap | 2.8.1 | |
| adobe | phonegap | 2.9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66A5703F-E43E-4F18-AC7B-534761942DCC",
"versionEndIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74BBFE10-2CB5-446D-9D83-E5C39F6F47C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "273742B5-559F-4BC5-994E-D559D4008108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2A0ACB-2E9C-4639-8C9B-4F0004C8DF9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F8A468C2-55F1-4C6C-A547-D7E5B68EABC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C93B210-E664-447B-8859-0432CE8D4F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D8F8721A-3968-438A-967D-B8B911F73CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cordova:3.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CE1A4A77-DC7F-4C97-A7FC-5BF7E73D5DB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:phonegap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE71EC19-A23D-45B1-984B-DDD27A3DF2F8",
"versionEndIncluding": "2.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B05BE6-D8DA-40C8-BA86-67B1FD906975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C57DD500-22A7-4209-AEF7-DC8930F1BDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16EC33AF-5D22-418D-8604-EB549A197209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8124E0-6A2F-493E-875E-1D0E613A366B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D6D5BDFF-A635-45D6-A346-754BFACD00A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0A0B3637-4927-47AD-87A0-EE411C12EE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6451A3E-BEB0-4EE0-AD88-8CE3E048CB10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EBEEDD73-74C5-4299-8509-324A829623D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0BC85762-A07D-4C44-8458-08FC2F717462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C19E85E-6E96-4F24-8A10-393B9DB1770F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CA489695-A354-4921-903F-65AD650BCB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B534832-D498-4881-AC3D-342FE50FC405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4C20AC3F-8A9D-4450-AB38-2FC4A19605F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7121F63A-3A8E-458F-87F2-DFA5A16802AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DC93C958-7FBC-427E-89E4-C84B97471EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F81B0017-2BF3-4315-BFF5-B7CD5DF98A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7535E5BD-A4F0-45B9-BA79-8FE2783A58D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDC0304-7948-41DF-A330-1773E3B6336B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "695CDE63-FDA3-4EDC-8D1E-D8921CCD3B54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:phonegap:2.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F500CA59-28E5-4EC0-B698-2A26DD4BCC46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler return value as an alternative to correct synchronization."
},
{
"lang": "es",
"value": "Apache Cordova 3.3.0 y anteriores y Adobe PhoneGap 2.9.0 y anteriores permiten a atacantes remotos evadir restricciones \"device-resource\" de un puente basado en eventos a trav\u00e9s de un clon de librar\u00eda manipulada que aprovecha la ejecuci\u00f3n de script IFRAME y espera una cierta cantidad de tiempo para un valor de vuelta del manejador OnJsPrompt como alternativa a la sincronizaci\u00f3n correcta."
}
],
"id": "CVE-2014-1881",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-03T04:50:46.267",
"references": [
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-09 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cordova:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "BA6EE506-56CA-4B72-9C7B-DF832C3BFF2B",
"versionEndIncluding": "3.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods."
},
{
"lang": "es",
"value": "Apache Cordova iOS en versiones anteriores a 4.0.0 podr\u00edan permitir a atacantes eludir un mecanismo de protecci\u00f3n de lista blanca de URL en una aplicaci\u00f3n y cargar recursos arbitrarios aprovechando m\u00e9todos no especificados."
}
],
"id": "CVE-2015-5207",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-09T20:59:00.133",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://jvn.jp/en/jp/JVN35341085/index.html"
},
{
"source": "secalert@redhat.com",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000058.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/136840/Apache-Cordova-iOS-3.9.1-Access-Bypass.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/538211/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/88764"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN35341085/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/136840/Apache-Cordova-iOS-3.9.1-Access-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/538211/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/88764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cordova.apache.org/announcements/2016/04/27/security.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
},
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}