Stashcat Security Vulnerabilities and Issues — Stashcat CVE List

Lucene search

HeinekingmediaStashcat

3 matches found

CVE•added 2020/05/18 5:15 a.m.•49 views

CVE-2020-13129

An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with client_key and device_id data in the query string, which allows attackers to obtain sensitive information by reading web-server logs.

9CVSS6.8AI score0.00423EPSS

CVE•added 2020/06/17 5:15 p.m.•36 views

CVE-2020-13637

An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the client_key, the device_id, and the public key for end-to-end encryption in cleartext, enabling an attacker (by copying or having access to the local storage databa...

7.5CVSS7.5AI score0.00079EPSS

CVE•added 2017/08/01 2:29 p.m.•32 views

CVE-2017-11132

An issue was discovered in heinekingmedia StashCat before 1.5.18 for Android. No certificate pinning is implemented; therefore the attacker could issue a certificate for the backend and the application would not notice it.

7.5CVSS7.4AI score0.00107EPSS