Drawing the LINE: Cryptographic Analysis and Security Improvements for the LINE E2EE Protocol

LINE has emerged as one of the most popular communication platforms in many East Asian countries, including Thailand and Japan, with millions of active users. Therefore, it is essential to understand its security guarantees. In this work, we present the first provable security analysis of the LIN...

CVE-2023-43304

An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-43995

An issue in picot.golf mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-48132

An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-48130

An issue in GINZA CAFE mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

PT-2024-13545 · Line · Line

Name of the Vulnerable Software and Affected Versions: Line version 13.6.1 Description: An issue in the kimono-oldnew mini-app allows attackers to send crafted malicious notifications via leakage of the channel access token. This leakage enables attackers to exploit the system. Recommendations: F...

Line Security Breach

Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line version v13.6.1, which stems from the Luxe Beauty Clinic applet that may disclose access tokens...

Line Security Breach

Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line version v13.6.1, which stems from a UNITED BOXING GYM applet that may disclose access tokens...

Line Security Breach

Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line version v13.6.1, which stems from the angel coffee applet that may disclose access tokens...

PT-2024-13550 · Line · Line

Name of the Vulnerable Software and Affected Versions: Line version 13.6.1 Description: An issue in the mimasaka farm mini-app allows attackers to send crafted malicious notifications via leakage of the channel access token. Recommendations: For Line version 13.6.1, update to a newer version that...

Line Security Breach

Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line version v13.6.1, which stems from the mimasakafarm applet that may disclose access tokens...

CVE-2023-43997

An issue in Yoruichi hobby base mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-43990

An issue in cherub-hair mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-43995

An issue in picot.golf mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-43994

An issue in Cleaningmakotoya mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-43992

An issue in STOCKMAN GROUP mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

PT-2024-13162 · Line · Line

Name of the Vulnerable Software and Affected Versions: Line version 13.6.1 Description: An issue in the Books-futaba mini-app on Line allows attackers to send crafted malicious notifications via leakage of the channel access token. This leakage enables attackers to exploit the system, potentially...

PT-2024-13156 · Unknown · Prima Clinic Mini-App

Name of the Vulnerable Software and Affected Versions: PRIMA CLINIC mini-app on Line version 13.6.1 Description: An issue in the PRIMA CLINIC mini-app on Line allows attackers to send crafted malicious notifications via leakage of the channel access token. This leakage enables attackers to exploi...

PT-2024-13165 · Line · Ailand Clinic Mini-App

Name of the Vulnerable Software and Affected Versions: Ailand clinic mini-app on Line version 13.6.1 Description: An issue in the Ailand clinic mini-app on Line allows attackers to send crafted malicious notifications via leakage of the channel access token. This leakage enables attackers to...

Line Security Breach

Line is an instant messaging platform from Line Inc. Line version v13.6.1 suffers from a security vulnerability that stems from Ailand clinic that allows an attacker to send a crafted malicious notification by compromising a channel access token...