CVE List


Moderate 5.3

Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.

Published May 20, 2020.

Affected software

Signal Signal

Signal Signal Private Messenger

Reference links

Sign Up for Alerts