VYPR

LINE client for iOS

by Linecorp

CVEs (8)

  • CVE-2022-41568HigNov 29, 2022
    risk 0.49cvss 7.5epss 0.01

    LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat.

  • CVE-2021-41011HigSep 22, 2021
    risk 0.49cvss 7.5epss 0.01

    LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information.

  • CVE-2026-3861MedApr 16, 2026
    risk 0.42cvss 6.5epss 0.00

    LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become…

  • CVE-2024-5739MedJun 12, 2024
    risk 0.40cvss 6.1epss 0.00

    The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS (UXSS) vulnerability. This vulnerability allows for cross-site scripting (XSS) where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site…

  • CVE-2021-36214MedJul 13, 2021
    risk 0.40cvss 6.1epss 0.01

    LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView.

  • CVE-2021-36215MedSep 8, 2021
    risk 0.35cvss 5.3epss 0.01

    LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling.

  • CVE-2023-5554MedOct 12, 2023
    risk 0.31cvss 4.8epss 0.00

    Lack of TLS certificate verification in log transmission of a financial module within LINE client for iOS prior to 13.16.0.

  • CVE-2025-14022Dec 15, 2025
    risk 0.00cvss epss 0.00

    LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a…