Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-0238: Injecting Activity Loads in WARP Mobile Client (Android)

Due to lack of a security policy, the WARP Mobile Client (<=6.29) for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim’s device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task behaviour of the WARP app.

CVE
Open in Source
#vulnerability#android

Package

Cloudflare WARP Mobile Client (Android)

Description

Impact

Due to lack of a security policy, the WARP Mobile Client (< 6.29) for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim’s device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task behaviour of the WARP app.

Patches

This vulnerability has been fixed in the WARP Mobile Client version 6.29 for Android. Users are encouraged to update to the latest version.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE