Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Shazam-Android by Apple

    CVE-2019-8792 (GCVE-0-2019-8792)

    Vulnerability from nvd – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing a maliciously crafted URL may lead to arbitrary javascript code execution
    Assigner
    References
    URL Tags
    https://support.apple.com/HT210744 x_refsource_MISC
    https://support.apple.com/HT210745 x_refsource_MISC
    Impacted products
    Vendor Product Version
    Apple Shazam-Android Affected: unspecified , < Shazam Android App Version 9.25.0 (custom)
    Create a notification for this product.
    Apple Shazam-iOS Affected: unspecified , < Shazam iOS App Version 12.11.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:37.523Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/HT210744"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/HT210745"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Shazam-Android",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "Shazam Android App Version 9.25.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Shazam-iOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "Shazam iOS App Version 12.11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-18T17:33:23.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/HT210744"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/HT210745"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8792",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Shazam-Android",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "Shazam Android App Version 9.25.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Shazam-iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "Shazam iOS App Version 12.11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/HT210744",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/HT210744"
                },
                {
                  "name": "https://support.apple.com/HT210745",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/HT210745"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8792",
        "datePublished": "2019-12-18T17:33:23.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:37.523Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8791 (GCVE-0-2019-8791)

    Vulnerability from nvd – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect.
    Severity
    No CVSS data available.
    CWE
    • Processing a maliciously crafted URL may lead to an open redirect
    Assigner
    References
    URL Tags
    https://support.apple.com/HT210744 x_refsource_MISC
    https://support.apple.com/HT210745 x_refsource_MISC
    Impacted products
    Vendor Product Version
    Apple Shazam-Android Affected: unspecified , < Shazam Android App Version 9.25.0 (custom)
    Create a notification for this product.
    Apple Shazam-iOS Affected: unspecified , < Shazam iOS App Version 12.11.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:37.471Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/HT210744"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/HT210745"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Shazam-Android",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "Shazam Android App Version 9.25.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Shazam-iOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "Shazam iOS App Version 12.11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted URL may lead to an open redirect",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-18T17:33:23.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/HT210744"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/HT210745"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8791",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Shazam-Android",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "Shazam Android App Version 9.25.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Shazam-iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "Shazam iOS App Version 12.11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing a maliciously crafted URL may lead to an open redirect"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/HT210744",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/HT210744"
                },
                {
                  "name": "https://support.apple.com/HT210745",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/HT210745"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8791",
        "datePublished": "2019-12-18T17:33:23.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:37.471Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8792 (GCVE-0-2019-8792)

    Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing a maliciously crafted URL may lead to arbitrary javascript code execution
    Assigner
    References
    URL Tags
    https://support.apple.com/HT210744 x_refsource_MISC
    https://support.apple.com/HT210745 x_refsource_MISC
    Impacted products
    Vendor Product Version
    Apple Shazam-Android Affected: unspecified , < Shazam Android App Version 9.25.0 (custom)
    Create a notification for this product.
    Apple Shazam-iOS Affected: unspecified , < Shazam iOS App Version 12.11.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:37.523Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/HT210744"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/HT210745"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Shazam-Android",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "Shazam Android App Version 9.25.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Shazam-iOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "Shazam iOS App Version 12.11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-18T17:33:23.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/HT210744"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/HT210745"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8792",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Shazam-Android",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "Shazam Android App Version 9.25.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Shazam-iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "Shazam iOS App Version 12.11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/HT210744",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/HT210744"
                },
                {
                  "name": "https://support.apple.com/HT210745",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/HT210745"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8792",
        "datePublished": "2019-12-18T17:33:23.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:37.523Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8791 (GCVE-0-2019-8791)

    Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect.
    Severity
    No CVSS data available.
    CWE
    • Processing a maliciously crafted URL may lead to an open redirect
    Assigner
    References
    URL Tags
    https://support.apple.com/HT210744 x_refsource_MISC
    https://support.apple.com/HT210745 x_refsource_MISC
    Impacted products
    Vendor Product Version
    Apple Shazam-Android Affected: unspecified , < Shazam Android App Version 9.25.0 (custom)
    Create a notification for this product.
    Apple Shazam-iOS Affected: unspecified , < Shazam iOS App Version 12.11.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:37.471Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/HT210744"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/HT210745"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Shazam-Android",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "Shazam Android App Version 9.25.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Shazam-iOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "Shazam iOS App Version 12.11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted URL may lead to an open redirect",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-18T17:33:23.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/HT210744"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/HT210745"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8791",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Shazam-Android",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "Shazam Android App Version 9.25.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Shazam-iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "Shazam iOS App Version 12.11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing a maliciously crafted URL may lead to an open redirect"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/HT210744",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/HT210744"
                },
                {
                  "name": "https://support.apple.com/HT210745",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/HT210745"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8791",
        "datePublished": "2019-12-18T17:33:23.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:37.471Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }