Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Texture-iOS by Apple
CVE-2019-8632 (GCVE-0-2019-8632)
Vulnerability from nvd – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
VEX
Summary
Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data.
Severity
No CVSS data available.
CWE
- An attacker in a privileged network position may be able to intercept analytics data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.info-sec.ca/advisories/Texture.html | x_refsource_MISC |
| https://support.apple.com/HT210110 | x_refsource_MISC |
| https://support.apple.com/HT210111 | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | Texture-iOS |
Affected:
unspecified , < Texture 5.11.10 for iOS
(custom)
|
|
| Apple | Texture-Android |
Affected:
unspecified , < Texture 4.22.0.4 for Android
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:29.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.info-sec.ca/advisories/Texture.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210110"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210111"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Texture-iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "Texture 5.11.10 for iOS",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Texture-Android",
"vendor": "Apple",
"versions": [
{
"lessThan": "Texture 4.22.0.4 for Android",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An attacker in a privileged network position may be able to intercept analytics data",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T14:46:31.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.info-sec.ca/advisories/Texture.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210110"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210111"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8632",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Texture-iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Texture 5.11.10 for iOS"
}
]
}
},
{
"product_name": "Texture-Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Texture 4.22.0.4 for Android"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An attacker in a privileged network position may be able to intercept analytics data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.info-sec.ca/advisories/Texture.html",
"refsource": "MISC",
"url": "https://www.info-sec.ca/advisories/Texture.html"
},
{
"name": "https://support.apple.com/HT210110",
"refsource": "MISC",
"url": "https://support.apple.com/HT210110"
},
{
"name": "https://support.apple.com/HT210111",
"refsource": "MISC",
"url": "https://support.apple.com/HT210111"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8632",
"datePublished": "2019-12-18T17:33:20.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:29.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8632 (GCVE-0-2019-8632)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
VEX
Summary
Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data.
Severity
No CVSS data available.
CWE
- An attacker in a privileged network position may be able to intercept analytics data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.info-sec.ca/advisories/Texture.html | x_refsource_MISC |
| https://support.apple.com/HT210110 | x_refsource_MISC |
| https://support.apple.com/HT210111 | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | Texture-iOS |
Affected:
unspecified , < Texture 5.11.10 for iOS
(custom)
|
|
| Apple | Texture-Android |
Affected:
unspecified , < Texture 4.22.0.4 for Android
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:29.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.info-sec.ca/advisories/Texture.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210110"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210111"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Texture-iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "Texture 5.11.10 for iOS",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Texture-Android",
"vendor": "Apple",
"versions": [
{
"lessThan": "Texture 4.22.0.4 for Android",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An attacker in a privileged network position may be able to intercept analytics data",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T14:46:31.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.info-sec.ca/advisories/Texture.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210110"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210111"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8632",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Texture-iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Texture 5.11.10 for iOS"
}
]
}
},
{
"product_name": "Texture-Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Texture 4.22.0.4 for Android"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An attacker in a privileged network position may be able to intercept analytics data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.info-sec.ca/advisories/Texture.html",
"refsource": "MISC",
"url": "https://www.info-sec.ca/advisories/Texture.html"
},
{
"name": "https://support.apple.com/HT210110",
"refsource": "MISC",
"url": "https://support.apple.com/HT210110"
},
{
"name": "https://support.apple.com/HT210111",
"refsource": "MISC",
"url": "https://support.apple.com/HT210111"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8632",
"datePublished": "2019-12-18T17:33:20.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:29.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}