Search criteria
4 vulnerabilities found for Shazam-iOS by Apple
CVE-2019-8792 (GCVE-0-2019-8792)
Vulnerability from nvd – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:31
VLAI?
Summary
An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.
Severity ?
No CVSS data available.
CWE
- Processing a maliciously crafted URL may lead to arbitrary javascript code execution
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | Shazam-Android |
Affected:
unspecified , < Shazam Android App Version 9.25.0
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210744"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210745"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Shazam-Android",
"vendor": "Apple",
"versions": [
{
"lessThan": "Shazam Android App Version 9.25.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Shazam-iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "Shazam iOS App Version 12.11.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:23.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210744"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210745"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8792",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Shazam-Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Shazam Android App Version 9.25.0"
}
]
}
},
{
"product_name": "Shazam-iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Shazam iOS App Version 12.11.0"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210744",
"refsource": "MISC",
"url": "https://support.apple.com/HT210744"
},
{
"name": "https://support.apple.com/HT210745",
"refsource": "MISC",
"url": "https://support.apple.com/HT210745"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8792",
"datePublished": "2019-12-18T17:33:23.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:31:37.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8791 (GCVE-0-2019-8791)
Vulnerability from nvd – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:31
VLAI?
Summary
An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect.
Severity ?
No CVSS data available.
CWE
- Processing a maliciously crafted URL may lead to an open redirect
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | Shazam-Android |
Affected:
unspecified , < Shazam Android App Version 9.25.0
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210744"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210745"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Shazam-Android",
"vendor": "Apple",
"versions": [
{
"lessThan": "Shazam Android App Version 9.25.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Shazam-iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "Shazam iOS App Version 12.11.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted URL may lead to an open redirect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:23.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210744"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210745"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Shazam-Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Shazam Android App Version 9.25.0"
}
]
}
},
{
"product_name": "Shazam-iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Shazam iOS App Version 12.11.0"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted URL may lead to an open redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210744",
"refsource": "MISC",
"url": "https://support.apple.com/HT210744"
},
{
"name": "https://support.apple.com/HT210745",
"refsource": "MISC",
"url": "https://support.apple.com/HT210745"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8791",
"datePublished": "2019-12-18T17:33:23.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:31:37.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8792 (GCVE-0-2019-8792)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:31
VLAI?
Summary
An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.
Severity ?
No CVSS data available.
CWE
- Processing a maliciously crafted URL may lead to arbitrary javascript code execution
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | Shazam-Android |
Affected:
unspecified , < Shazam Android App Version 9.25.0
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210744"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210745"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Shazam-Android",
"vendor": "Apple",
"versions": [
{
"lessThan": "Shazam Android App Version 9.25.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Shazam-iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "Shazam iOS App Version 12.11.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:23.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210744"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210745"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8792",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Shazam-Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Shazam Android App Version 9.25.0"
}
]
}
},
{
"product_name": "Shazam-iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Shazam iOS App Version 12.11.0"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210744",
"refsource": "MISC",
"url": "https://support.apple.com/HT210744"
},
{
"name": "https://support.apple.com/HT210745",
"refsource": "MISC",
"url": "https://support.apple.com/HT210745"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8792",
"datePublished": "2019-12-18T17:33:23.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:31:37.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8791 (GCVE-0-2019-8791)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:31
VLAI?
Summary
An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect.
Severity ?
No CVSS data available.
CWE
- Processing a maliciously crafted URL may lead to an open redirect
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | Shazam-Android |
Affected:
unspecified , < Shazam Android App Version 9.25.0
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210744"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210745"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Shazam-Android",
"vendor": "Apple",
"versions": [
{
"lessThan": "Shazam Android App Version 9.25.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Shazam-iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "Shazam iOS App Version 12.11.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted URL may lead to an open redirect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:23.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210744"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210745"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Shazam-Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Shazam Android App Version 9.25.0"
}
]
}
},
{
"product_name": "Shazam-iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Shazam iOS App Version 12.11.0"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted URL may lead to an open redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210744",
"refsource": "MISC",
"url": "https://support.apple.com/HT210744"
},
{
"name": "https://support.apple.com/HT210745",
"refsource": "MISC",
"url": "https://support.apple.com/HT210745"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8791",
"datePublished": "2019-12-18T17:33:23.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:31:37.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}