VYPR

Line

by Linecorp

CVEs (13)

  • CVE-2016-4850HigApr 20, 2017
    risk 0.53cvss 8.1epss 0.02

    LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code.

  • CVE-2016-4831HigJul 12, 2016
    risk 0.51cvss 7.8epss 0.00

    Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2021-36214MedJul 13, 2021
    risk 0.40cvss 6.1epss 0.01

    LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView.

  • CVE-2016-1156MedFeb 19, 2016
    risk 0.37cvss 5.7epss 0.01

    LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline.

  • CVE-2025-14023Dec 15, 2025
    risk 0.00cvss epss 0.00

    LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions.

  • CVE-2025-14021Dec 15, 2025
    risk 0.00cvss epss 0.00

    The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to execute malicious JavaScript within iframes while displaying trusted URLs, enabling phishing attacks through overlaid malicious content.

  • CVE-2025-14020Dec 15, 2025
    risk 0.00cvss epss 0.00

    LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct…

  • CVE-2025-14019Dec 15, 2025
    risk 0.00cvss epss 0.00

    LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks.

  • CVE-2023-45559Jan 3, 2024
    risk 0.00cvss epss 0.01

    An issue in Tamaki_hamanoki Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.

  • CVE-2023-39733Oct 24, 2023
    risk 0.00cvss epss 0.01

    The leakage of the client secret in TonTon-Tei Line v13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.

  • CVE-2023-39040Sep 18, 2023
    risk 0.00cvss epss 0.00

    An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

  • CVE-2023-31818Jul 11, 2023
    risk 0.00cvss epss 0.01

    An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function.

  • CVE-2013-7144Aug 16, 2014
    risk 0.00cvss epss 0.01

    LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.