{"vulnerability": "CVE-2022-29835", "sightings": [{"uuid": "f2eb8e35-9c0d-428b-a333-5ee744d20689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29835", "type": "seen", "source": "https://t.me/cibsecurity/50087", "content": "\u203c CVE-2022-29835 \u203c\n\nWD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An attacker could use this weakness to create forged certificate signatures due to the use of a hashing algorithm that is not collision-free. This could thereby impact the confidentiality of user content. This issue affects: Western Digital WD Discovery WD Discovery Desktop App versions prior to 4.4.396 on Mac; WD Discovery Desktop App versions prior to 4.4.396 on Windows.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-20T00:38:48.000000Z"}]}