Lucene search
K

4 matches found

Prion
Prion
added 2017/05/18 6:29 a.m.13 views

Design/Logic Flaw

The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http://storage.googleapis.com without SSL, which makes it easier for man-in-the-middle attackers to spoof Feed and Schedule data by creating a modified blocksv4.json file...

4.3CVSS5.6AI score0.00263EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/05/18 6:29 a.m.13 views

CVE-2017-9045

The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http://storage.googleapis.com without SSL, which makes it easier for man-in-the-middle attackers to spoof Feed and Schedule data by creating a modified blocksv4.json file...

5.9CVSS5.5AI score0.00263EPSS
Exploits1References2
CVE
CVE
added 2017/05/18 6:13 a.m.40 views

CVE-2017-9045

The CVE-2017-9045 issue affects the Google I/O 2017 Android app (pre-5.1.4). It downloads multiple .json files from http://storage.googleapis.com without SSL, enabling MITM attackers to spoof Feed and Schedule data via a modified blocks_v4.json file. This is described in official CVE/NVD records;...

5.9CVSS5.5AI score0.00263EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/05/18 6:13 a.m.18 views

CVE-2017-9045

The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http://storage.googleapis.com without SSL, which makes it easier for man-in-the-middle attackers to spoof Feed and Schedule data by creating a modified blocksv4.json file...

5.5AI score0.00263EPSS
Exploits1References2
Rows per page
Query Builder