Lack of TLS certificate verification in log transmission of a financial module within LINE Client for iOS prior to 13.16.0.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-10-12
LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-11-29
LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-09-22
LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-09-08
LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-07-13
LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVSS Score
5.9
EPSS Score
0.001
Published
2018-02-23