VYPR
Unrated severityNVD Advisory· Published Oct 5, 2019· Updated Aug 5, 2024

CVE-2019-17192

CVE-2019-17192

Description

The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs

Affected products

2
  • Signal/Private Messenger applicationdescription
  • Signal/Signalllm-fuzzy
    Range: <=4.47.7

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.