EUVD-2021-8161

Malicious code in bioql PyPI...

EUVD-2021-8162

Malicious code in bioql PyPI...

CVE-2021-20747

Improper authorization in handler for custom URL scheme vulnerability in Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App...

CVE-2021-20747

Improper authorization in handler for custom URL scheme vulnerability in Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App...

CVE-2021-20748

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

CVE-2021-20748

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

CVE-2021-20747

Improper authorization in handler for custom URL scheme vulnerability in Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App...

CVE-2021-20748

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

CVE-2021-20748

The CVE-2021-20748 entry concerns Retty App for Android (versions prior to 4.8.13) and iOS (versions prior to 4.11.14) that hard-code an API key for an external service. The root cause is a hard-coded credential embedded in the app, allowing an observer analyzing the app’s data to obtain the API ...

CVE-2021-20747

CVE-2021-20747 concerns the Retty App (Android prior to 4.8.13, iOS prior to 4.11.14). The vulnerability is improper authorization in the custom URL scheme handler, which can let a remote attacker direct a user to an arbitrary website via the vulnerable app. Impact is described as user-directed n...

CVE-2021-20747

Improper authorization in handler for custom URL scheme vulnerability in Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App...

Retty App 安全漏洞

Retty Retty App is a food app from Retty Japan. Retty App suffers from a security vulnerability that stems from improper authorization in the handler allowing remote attackers to exploit the vulnerability to direct users to arbitrary websites via a vulnerable app...

Retty App 信任管理问题漏洞

Retty Retty App is a food app from Retty Japan. Retty App suffers from a trust management issue vulnerability that Retty App uses hard-coded API keys as an external service...

JVN#26891339: Multiple vulnerabilities in Retty App

Retty App provided by Retty Inc. contains multiple vulnerabilities listed below. The app is launched by Custom URL Scheme and a user may be led to access an arbitrary URL CWE-939 - CVE-2021-20747 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N| Base Score:...