Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 9 of 9 results


CVE-2014-1887

Medium priority
Ignored

The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information,...

2 affected packages

cordova-ubuntu, cordova-ubuntu-3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cordova-ubuntu Not in release Not in release Not in release Not in release
cordova-ubuntu-3.4 Not in release Not in release Not in release Not affected
Show less packages

CVE-2014-1886

Medium priority
Ignored

The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control...

2 affected packages

cordova-ubuntu, cordova-ubuntu-3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cordova-ubuntu Not in release Not in release Not in release Not in release
cordova-ubuntu-3.4 Not in release Not in release Not in release Not affected
Show less packages

CVE-2014-1885

Medium priority
Ignored

The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging...

2 affected packages

cordova-ubuntu, cordova-ubuntu-3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cordova-ubuntu Not in release Not in release Not in release Not in release
cordova-ubuntu-3.4 Not in release Not in release Not in release Not affected
Show less packages

CVE-2014-1884

Medium priority
Ignored

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content...

2 affected packages

cordova-ubuntu, cordova-ubuntu-3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cordova-ubuntu Not in release Not in release Not in release Not in release
cordova-ubuntu-3.4 Not in release Not in release Not in release Not affected
Show less packages

CVE-2014-1883

Medium priority
Ignored

Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resource restrictions via content...

2 affected packages

cordova-ubuntu, cordova-ubuntu-3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cordova-ubuntu Not in release Not in release Not in release Not in release
cordova-ubuntu-3.4 Not in release Not in release Not in release Not affected
Show less packages

CVE-2014-1882

Medium priority
Ignored

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME...

2 affected packages

cordova-ubuntu, cordova-ubuntu-3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cordova-ubuntu Not in release Not in release Not in release Not in release
cordova-ubuntu-3.4 Not in release Not in release Not in release Not affected
Show less packages

CVE-2014-1881

Medium priority
Ignored

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME...

2 affected packages

cordova-ubuntu, cordova-ubuntu-3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cordova-ubuntu Not in release Not in release Not in release Not in release
cordova-ubuntu-3.4 Not in release Not in release Not in release Not affected
Show less packages

CVE-2012-6637

Medium priority
Ignored

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name...

2 affected packages

cordova-ubuntu, cordova-ubuntu-3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cordova-ubuntu Not in release Not in release Not in release Not in release
cordova-ubuntu-3.4 Not in release Not in release Not in release Not affected
Show less packages

CVE-2012-6636

Medium priority
Vulnerable

The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript...

2 affected packages

cordova-ubuntu, cordova-ubuntu-3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cordova-ubuntu Not in release Not in release Not in release Not in release Not in release
cordova-ubuntu-3.4 Not in release Not in release Not in release Not in release Vulnerable
Show less packages