Improper verification of applications’ cryptographic signatures in the /e/OS app store client App Lounge before 0.19q allows attackers in control of the application server to install malicious applications on user’s systems by altering the server’s API response.
CPE | Name | Operator | Version |
---|---|---|---|
app_lounge | eq | < 0.19q |