Search

Find a vulnerability

Search criteria

    9 vulnerabilities found for LINE by LY Corporation

    JVNDB-2024-003699

    Vulnerability from jvndb - Published: 2024-06-24 11:05 - Updated:2024-06-24 11:05
    Severity
    Summary
    LINE client for iOS vulnerable to universal cross-site scripting
    Details
    The in-app browser of LINE client for iOS provided by LY Corporation contains a universal cross-site scripting vulnerability (CWE-79, CVE-2024-5739). LY Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003699.html",
      "dc:date": "2024-06-24T11:05+09:00",
      "dcterms:issued": "2024-06-24T11:05+09:00",
      "dcterms:modified": "2024-06-24T11:05+09:00",
      "description": "The in-app browser of LINE client for iOS provided by LY Corporation contains a universal cross-site scripting vulnerability (CWE-79, CVE-2024-5739).\r\n\r\nLY Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003699.html",
      "sec:cpe": {
        "#text": "cpe:/a:linecorp:line",
        "@product": "LINE",
        "@vendor": "LY Corporation",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "6.1",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2024-003699",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU91384468/index.html",
          "@id": "JVNVU#91384468",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-5739",
          "@id": "CVE-2024-5739",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "LINE client for iOS vulnerable to universal cross-site scripting"
    }

    JVNDB-2023-014491

    Vulnerability from jvndb - Published: 2024-04-22 15:27 - Updated:2024-04-22 15:27
    Severity
    Summary
    LINE client for iOS vulnerable to improper server certificate verification
    Details
    The financial module within LINE client for iOS lacks server certificate verification in log transmission (CWE-295, CVE-2023-5554). LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-014491.html",
      "dc:date": "2024-04-22T15:27+09:00",
      "dcterms:issued": "2024-04-22T15:27+09:00",
      "dcterms:modified": "2024-04-22T15:27+09:00",
      "description": "The financial module within LINE client for iOS lacks server certificate verification in log transmission (CWE-295, CVE-2023-5554).\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-014491.html",
      "sec:cpe": {
        "#text": "cpe:/a:linecorp:line",
        "@product": "LINE",
        "@vendor": "LY Corporation",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "4.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2023-014491",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU91696361/index.html",
          "@id": "JVNVU#91696361",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-5554",
          "@id": "CVE-2023-5554",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-5554",
          "@id": "CVE-2023-5554",
          "@source": "NVD"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/295.html",
          "@id": "CWE-295",
          "@title": "Improper Certificate Validation(CWE-295)"
        }
      ],
      "title": "LINE client for iOS vulnerable to improper server certificate verification"
    }

    JVNDB-2019-000060

    Vulnerability from jvndb - Published: 2019-09-19 17:59 - Updated:2019-10-18 15:17
    Severity
    Summary
    Multiple integer overflow vulnerabilities in LINE(Android)
    Details
    LINE(Android) provided by LINE Corporation contains multiple integer overflow vulnerabilities (CWE-190) listed below. * Integer overflow vulnerability in processing images using apng-drawable - CVE-2019-6007 * Integer overflow vulnerability in processing images - CVE-2019-6010 LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000060.html",
      "dc:date": "2019-10-18T15:17+09:00",
      "dcterms:issued": "2019-09-19T17:59+09:00",
      "dcterms:modified": "2019-10-18T15:17+09:00",
      "description": "LINE(Android) provided by LINE Corporation contains multiple integer overflow vulnerabilities (CWE-190) listed below.\r\n* Integer overflow vulnerability in processing images using apng-drawable - CVE-2019-6007 \r\n* Integer overflow vulnerability in processing images - CVE-2019-6010\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000060.html",
      "sec:cpe": {
        "#text": "cpe:/a:linecorp:line",
        "@product": "LINE",
        "@vendor": "LY Corporation",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "6.3",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2019-000060",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN97845465/index.html",
          "@id": "JVN#97845465",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6007",
          "@id": "CVE-2019-6007",
          "@source": "CVE"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6010",
          "@id": "CVE-2019-6010",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-6007",
          "@id": "CVE-2019-6007",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-6010",
          "@id": "CVE-2019-6010",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-189",
          "@title": "Numeric Errors(CWE-189)"
        }
      ],
      "title": "Multiple integer overflow vulnerabilities in LINE(Android)"
    }

    JVNDB-2018-000063

    Vulnerability from jvndb - Published: 2018-06-12 14:44 - Updated:2018-06-12 14:44
    Severity
    Summary
    LINE for Windows may insecurely load Dynamic Link Libraries
    Details
    LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software. If a user launches LINE for Windows by clicking the specially crafted link prepared by a remote attacker, it may result in insecurely loading Dynamic Link Libraries (CWE-427). LINE Corporation reported this vulnerability to JPCERT/CC to notify users of respective solutions through JVN.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000063.html",
      "dc:date": "2018-06-12T14:44+09:00",
      "dcterms:issued": "2018-06-12T14:44+09:00",
      "dcterms:modified": "2018-06-12T14:44+09:00",
      "description": "LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software.\r\n If a user launches LINE for Windows by clicking the specially crafted link prepared by a remote attacker, it may result in insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of respective solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000063.html",
      "sec:cpe": {
        "#text": "cpe:/a:linecorp:line",
        "@product": "LINE",
        "@vendor": "LY Corporation",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2018-000063",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN92265618/index.html",
          "@id": "JVN#92265618",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/ta/JVNTA91240916/",
          "@id": "JVNTA#91240916",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0609",
          "@id": "CVE-2018-0609",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0609",
          "@id": "CVE-2018-0609",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "LINE for Windows may insecurely load Dynamic Link Libraries"
    }

    JVNDB-2018-000016

    Vulnerability from jvndb - Published: 2018-02-22 15:29 - Updated:2018-06-14 12:23
    Severity
    Summary
    LINE for iOS fails to verify SSL server certificates
    Details
    LINE for iOS provided by LINE Corporation fails to verify SSL server certificates due to the vulnerability existed in the Third Party SDK which is incorporated in the application. LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000016.html",
      "dc:date": "2018-06-14T12:23+09:00",
      "dcterms:issued": "2018-02-22T15:29+09:00",
      "dcterms:modified": "2018-06-14T12:23+09:00",
      "description": "LINE for iOS provided by LINE Corporation fails to verify SSL server certificates due to the vulnerability existed in the Third Party SDK which is incorporated in the application.\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000016.html",
      "sec:cpe": {
        "#text": "cpe:/a:linecorp:line",
        "@product": "LINE",
        "@vendor": "LY Corporation",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "4.0",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "4.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2018-000016",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN75453852/index.html",
          "@id": "JVN#75453852",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0518",
          "@id": "CVE-2018-0518",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0518",
          "@id": "CVE-2018-0518",
          "@source": "NVD"
        }
      ],
      "title": "LINE for iOS fails to verify SSL server certificates"
    }

    JVNDB-2016-000153

    Vulnerability from jvndb - Published: 2016-08-25 14:26 - Updated:2017-05-23 14:28
    Severity
    Summary
    LINE for Windows fails to properly verify downloaded files
    Details
    The auto update function in LINE for Windows provided by LINE Corporation contains a vulnerability where downloaded files are not properly verified. LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000153.html",
      "dc:date": "2017-05-23T14:28+09:00",
      "dcterms:issued": "2016-08-25T14:26+09:00",
      "dcterms:modified": "2017-05-23T14:28+09:00",
      "description": "The auto update function in LINE for Windows provided by LINE Corporation contains a vulnerability where downloaded files are not properly verified.\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000153.html",
      "sec:cpe": {
        "#text": "cpe:/a:linecorp:line",
        "@product": "LINE",
        "@vendor": "LY Corporation",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "5.1",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "8.1",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000153",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN05924524/index.html",
          "@id": "JVN#05924524",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4850",
          "@id": "CVE-2016-4850",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-4850",
          "@id": "CVE-2016-4850",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "LINE for Windows fails to properly verify downloaded files"
    }

    JVNDB-2016-000123

    Vulnerability from jvndb - Published: 2016-07-08 14:29 - Updated:2016-08-19 17:44
    Severity
    Summary
    LINE for Windows may insecurely load Dynamic Link Libraries
    Details
    LINE for Windows provided by LINE Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Takashi Yoshikawa of Mitsui Bussan Secure Directions reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000123.html",
      "dc:date": "2016-08-19T17:44+09:00",
      "dcterms:issued": "2016-07-08T14:29+09:00",
      "dcterms:modified": "2016-08-19T17:44+09:00",
      "description": "LINE for Windows provided by LINE Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries.\r\n\r\nTakashi Yoshikawa of Mitsui Bussan Secure Directions reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000123.html",
      "sec:cpe": {
        "#text": "cpe:/a:linecorp:line",
        "@product": "LINE",
        "@vendor": "LY Corporation",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000123",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN51565015/index.html",
          "@id": "JVN#51565015",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4831",
          "@id": "CVE-2016-4831",
          "@source": "CVE"
        },
        {
          "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4831",
          "@id": "CVE-2016-4831",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "LINE for Windows may insecurely load Dynamic Link Libraries"
    }

    JVNDB-2016-000029

    Vulnerability from jvndb - Published: 2016-02-19 14:43 - Updated:2016-03-10 17:39
    Severity
    Summary
    LINE for Windows and LINE for Mac OS vulnerable to denial-of-service (DoS)
    Details
    LINE for Windows and LINE for Mac OS contain a denial-of-service (DoS) vulnerability due to an issue in displaying the Timeline. Jun Kokatsu of KDDI Singapore Dubai Branch reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000029.html",
      "dc:date": "2016-03-10T17:39+09:00",
      "dcterms:issued": "2016-02-19T14:43+09:00",
      "dcterms:modified": "2016-03-10T17:39+09:00",
      "description": "LINE for Windows and LINE for Mac OS contain a denial-of-service (DoS) vulnerability due to an issue in displaying the Timeline.\r\n\r\nJun Kokatsu of KDDI Singapore Dubai Branch reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000029.html",
      "sec:cpe": {
        "#text": "cpe:/a:linecorp:line",
        "@product": "LINE",
        "@vendor": "LY Corporation",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "4.0",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "@version": "2.0"
        },
        {
          "@score": "3.5",
          "@severity": "Low",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000029",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN46044093/index.html",
          "@id": "JVN#46044093",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1156",
          "@id": "CVE-2016-1156",
          "@source": "CVE"
        },
        {
          "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1156",
          "@id": "CVE-2016-1156",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "LINE for Windows and LINE for Mac OS vulnerable to denial-of-service (DoS)"
    }

    JVNDB-2015-000040

    Vulnerability from jvndb - Published: 2015-03-20 16:16 - Updated:2024-05-09 18:15
    Severity
    N/A (UNKNOWN) - -
    Summary
    LINE vulnerable to script injection
    Details
    LINE provided by LINE Corporation is an application used to communicate with others. LINE is vulnerable to MITM (man-in-the-middle) attacks since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker. Kenta Suefusa, Nobuaki Nakazawa and Tomonori Shiomi of Sprout Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000040.html",
      "dc:date": "2024-05-09T18:15+09:00",
      "dcterms:issued": "2015-03-20T16:16+09:00",
      "dcterms:modified": "2024-05-09T18:15+09:00",
      "description": "LINE provided by LINE Corporation is an application used to communicate with others. LINE is vulnerable to MITM (man-in-the-middle) attacks since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.\r\n\r\nKenta Suefusa, Nobuaki Nakazawa and Tomonori Shiomi of Sprout Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000040.html",
      "sec:cpe": {
        "#text": "cpe:/a:linecorp:line",
        "@product": "LINE",
        "@vendor": "LY Corporation",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "5.1",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2015-000040",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN41281927/index.html",
          "@id": "JVN#41281927",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0897",
          "@id": "CVE-2015-0897",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2015-0897",
          "@id": "CVE-2015-0897",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-DesignError",
          "@title": "No Mapping(CWE-DesignError)"
        }
      ],
      "title": "LINE vulnerable to script injection"
    }