CVE-2024-2045

The CVE-2024-2045 entry concerns Session version 1.17.5. Affected component: Local File Read via chat attachments, enabling retrieval of internal application files and public files from a user’s device without consent. This is a Local attack (LOCAL) requiring user interaction. Descriptions from m...

CVE-2022-1955

CVE-2022-1955 affects the Session app (version 1.13.0). The root cause described across sources is a lack of adequate security controls to prevent dynamic code manipulation, enabling an attacker with physical access to bypass the password/pin lock and access user data. Public details in the docum...