Lucene search

PRIOn knowledge basePRION:CVE-2021-43171

HistoryAug 22, 2023 - 7:16 p.m.

Input validation

2023-08-2219:16:00

PRIOn knowledge base

www.prio-n.com

cryptographic verification

/e/os

app lounge

malicious applications

api response

security vulnerability

6.5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.0%

JSON

Improper verification of applications’ cryptographic signatures in the /e/OS app store client App Lounge before 0.19q allows attackers in control of the application server to install malicious applications on user’s systems by altering the server’s API response.

CPENameOperatorVersion
app_loungeeq< 0.19q

CPE	Name	Operator	Version
	app_lounge	eq	< 0.19q

References

gitlab.e.foundation/e/os/releases/-/releases/v0.19-q

nervuri.net/e/apps