Signal Private Messenger 4.42.1 for Android

CPE Details

Signal Private Messenger 4.42.1 for Android
signal
private_messenger
4.42.1
2022-04-07
15h20 +00:00
2022-04-07
15h54 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:signal:private_messenger:4.42.1:*:*:*:*:android:*:*

Informations

Vendor

signal

Product

private_messenger

Version

4.42.1

Target Software

android

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-5753 2020-05-20 11h40 +00:00 Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.
5.3
Medium
CVE-2019-17191 2019-10-04 23h15 +00:00 The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block eavesdropping.
7.5
High
CVE-2019-17192 2019-10-04 23h13 +00:00 The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs
9.8
Critical