Vulnerability Details CVE-2018-6018
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to extract private sensitive information by sniffing network traffic.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.3%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
References
- https://www.checkmarx.com/2018/01/23/tinder-someone-may-watching-swipe-2/
- https://www.wired.com/story/tinder-lack-of-encryption-lets-strangers-spy-on-swipes/
- https://www.checkmarx.com/2018/01/23/tinder-someone-may-watching-swipe-2/
- https://www.wired.com/story/tinder-lack-of-encryption-lets-strangers-spy-on-swipes/