CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-42979

Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for Android and iOS allows attackers to take over an account via a deep link.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.048

EPSS Ranking 89.0%

CVSS Severity

CVSS v3 Score 8.8

References

https://medium.com/%40jalee0606/how-i-found-my-first-one-click-account-takeover-via-deeplink-in-ryde-5406010c36d8
https://medium.com/%40jalee0606/how-i-found-my-first-one-click-account-takeover-via-deeplink-in-ryde-5406010c36d8

Products affected by CVE-2022-42979

Rydesharing » Ryde » Version: 5.8.43

cpe:2.3:a:rydesharing:ryde:5.8.43

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-42979

Products

Pricing

Contact Us