CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-43171

Improper verification of applications' cryptographic signatures in the /e/OS app store client App Lounge before 0.19q allows attackers in control of the application server to install malicious applications on user's systems by altering the server's API response.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.0%

CVSS Severity

CVSS v3 Score 6.5

References

https://gitlab.e.foundation/e/os/releases/-/releases/v0.19-q#sparkles-we-embedded-other-improvements
https://nervuri.net/e/apps
https://gitlab.e.foundation/e/os/releases/-/releases/v0.19-q#sparkles-we-embedded-other-improvements
https://nervuri.net/e/apps

Products affected by CVE-2021-43171

E.foundation » App Lounge » Version: N/A

cpe:2.3:a:e.foundation:app_lounge:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-43171

Products

Pricing

Contact Us