Signal-Desktop
by Open Whisper
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-11101 | Med | 0.40 | 6.1 | 0.01 | May 17, 2018 | Open Whisper Signal (aka Signal-Desktop) through 1.10.1 allows XSS via a resource location specified in an attribute of a SCRIPT, IFRAME, or IMG element, leading to JavaScript execution after a reply, a different vulnerability than CVE-2018-10994. The attacker needs to send HTML… | ||
| CVE-2018-14023 | Med | 0.19 | 4.0 | 0.00 | Aug 20, 2018 | Open Whisper Signal (aka Signal-Desktop) before 1.15.0-beta.10 allows information leakage. |
- risk 0.40cvss 6.1epss 0.01
Open Whisper Signal (aka Signal-Desktop) through 1.10.1 allows XSS via a resource location specified in an attribute of a SCRIPT, IFRAME, or IMG element, leading to JavaScript execution after a reply, a different vulnerability than CVE-2018-10994. The attacker needs to send HTML…
- risk 0.19cvss 4.0epss 0.00
Open Whisper Signal (aka Signal-Desktop) before 1.15.0-beta.10 allows information leakage.