CVE-2022-1955

Published
View on NVD ↗
CVSS v3
4.6
MEDIUM
CVSS v2
2.1
LOW
Affected
1
PROJECT

Description

Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation.

oxen-io/session-android
oxen-io/session-android
Session Android - Onion routing based messenger [DEPRECATED SEE README]
GitHubGitHub
1.94K