Music Security Vulnerabilities and Issues — Music CVE List

Lucene search

AppleMusic

6 matches found

CVE•added 2023/02/27 8:15 p.m.•75 views

CVE-2022-32906

This issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. A user in a privileged network position may intercept SSL/TLS connections.

5.3CVSS4.1AI score0.0008EPSS

CVE•added 2023/02/27 8:15 p.m.•53 views

CVE-2021-46841

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.

5.9CVSS4.7AI score0.00129EPSS

CVE•added 2023/02/27 8:15 p.m.•53 views

CVE-2022-32836

This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.

7.5CVSS6.2AI score0.00127EPSS

CVE•added 2023/07/28 5:15 a.m.•51 views

CVE-2023-28203

The issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. An app may be able to access contacts.

5.5CVSS4.3AI score0.00055EPSS

CVE•added 2023/02/27 8:15 p.m.•50 views

CVE-2022-32846

A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.

7.5CVSS6.2AI score0.00148EPSS

CVE•added 2023/07/28 5:15 a.m.•38 views

CVE-2023-32427

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 4.2.0 for Android. An attacker in a privileged network position may be able to intercept network traffic.

5.9CVSS4.6AI score0.00108EPSS