CVE-2022-42979

High

Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for Android and iOS allows attackers to take…

mitre·CWE-295·Published 2023-01-06

CVSS

8.8

EPSS

0.24

KEV

Exploits

cve.orgen

170 chars

Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for Android and iOS allows attackers to take over an account via a deep link.

NVDen

170 chars

Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for Android and iOS allows attackers to take over an account via a deep link.

La divulgación de información debido a una validación insegura del nombre de host en la aplicación RYDE 5.8.43 para Android e iOS permite a los atacantes hacerse cargo de una cuenta a través de un enlace profundo.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	8.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	8.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H