CVE-2024-36279

Reliance on obfuscation or encryption of security-relevant inputs without integrity checking issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages DMs between users may be manipulated by a...

PT-2024-26947 · Freefrom · Freefrom

Name of the Vulnerable Software and Affected Versions: FreeFrom - the nostr client versions prior to 1.3.5 Description: The issue exists due to reliance on obfuscation or encryption of security-relevant inputs without integrity checking. If exploited, the content of direct messages between users...

PT-2024-26952 · Freefrom · Freefrom

Name of the Vulnerable Software and Affected Versions: FreeFrom - the nostr client versions prior to 1.3.5 Description: A reusing nonce, key pair in encryption issue exists. If this issue is exploited, the content of direct messages between users may be manipulated by a man-in-the-middle attack...

FreeFrom Security Vulnerabilities

FreeFrom is an application from FreeFrom, Inc. dedicated to bringing privacy and free speech back to SNSs. A security vulnerability exists in FreeFrom the nostr client prior to version 1.3.5 that stems from the application having a dependency on obfuscating or encrypting security-related input...

PT-2024-26945 · Freefrom · Freefrom

Name of the Vulnerable Software and Affected Versions: FreeFrom - the nostr client versions prior to 1.3.5 Description: The issue is related to improper verification of cryptographic signatures. This means the affected app cannot detect event data with invalid signatures, potentially allowing...

JVN#55045256: Multiple vulnerabilities in "FreeFrom - the nostr client" App

"FreeFrom - the nostr client" App provided by FreeFrom K.K. contains multiple vulnerabilities listed below. Improper verification of cryptographic signature CWE-347 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score 5.3 CVE-2024-36277 Reliance on obfuscation or encryption of security-relevan...