What software versions are affected by CVE-2018-14023?

Open Whisper Signal (aka Signal-Desktop) versions up to and including 1.15.0-beta.9, as well as 1.15.0-beta1 to 1.15.0-beta9, are affected by CVE-2018-14023.

What is the severity of CVE-2018-14023?

The severity of CVE-2018-14023 is medium (4 out of 5).

How can I fix the CVE-2018-14023 vulnerability?

To fix the CVE-2018-14023 vulnerability, update Open Whisper Signal (aka Signal-Desktop) to version 1.15.0-beta.10 or later.

Where can I find more information about CVE-2018-14023?

You can find more information about CVE-2018-14023 at the following references: [n0sign4l.blogspot.com](http://n0sign4l.blogspot.com/2018/08/advisory-id-n0sign4l-002-risk-level-4-5.html?m=1) and [youtube.com](https://www.youtube.com/watch?v=oSJscEei5SE&app=desktop).

Vulnerability/
CVE-2018-14023

medium

CWE

200

20/8/2018

5/8/2024

CVE-2018-14023: Infoleak

Q: What is CVE-2018-14023?

CVE-2018-14023 refers to a vulnerability in Open Whisper Signal (aka Signal-Desktop) before 1.15.0-beta.10 that allows information leakage.

First published: Mon Aug 20 2018(Updated: )

Open Whisper Signal (aka Signal-Desktop) before 1.15.0-beta.10 allows information leakage.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Signal Signal-desktop	<1.15.0
Signal Signal-desktop	=1.15.0-beta1
Signal Signal-desktop	=1.15.0-beta2
Signal Signal-desktop	=1.15.0-beta3
Signal Signal-desktop	=1.15.0-beta4
Signal Signal-desktop	=1.15.0-beta5
Signal Signal-desktop	=1.15.0-beta6
Signal Signal-desktop	=1.15.0-beta7
Signal Signal-desktop	=1.15.0-beta8
Signal Signal-desktop	=1.15.0-beta9

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-14023?
CVE-2018-14023 refers to a vulnerability in Open Whisper Signal (aka Signal-Desktop) before 1.15.0-beta.10 that allows information leakage.
What software versions are affected by CVE-2018-14023?
Open Whisper Signal (aka Signal-Desktop) versions up to and including 1.15.0-beta.9, as well as 1.15.0-beta1 to 1.15.0-beta9, are affected by CVE-2018-14023.
What is the severity of CVE-2018-14023?
The severity of CVE-2018-14023 is medium (4 out of 5).
How can I fix the CVE-2018-14023 vulnerability?
To fix the CVE-2018-14023 vulnerability, update Open Whisper Signal (aka Signal-Desktop) to version 1.15.0-beta.10 or later.
Where can I find more information about CVE-2018-14023?
You can find more information about CVE-2018-14023 at the following references: [n0sign4l.blogspot.com](http://n0sign4l.blogspot.com/2018/08/advisory-id-n0sign4l-002-risk-level-4-5.html?m=1) and [youtube.com](https://www.youtube.com/watch?v=oSJscEei5SE&app=desktop).

collector/nvd-index
agent/event
agent/severity
agent/references
agent/weakness
agent/author
agent/description
agent/tags
agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/signal
canonical/signal signal-desktop
version/signal signal-desktop/1.15.0-beta1
version/signal signal-desktop/1.15.0-beta2
version/signal signal-desktop/1.15.0-beta3
version/signal signal-desktop/1.15.0-beta4
version/signal signal-desktop/1.15.0-beta5
version/signal signal-desktop/1.15.0-beta6
version/signal signal-desktop/1.15.0-beta7
version/signal signal-desktop/1.15.0-beta8
version/signal signal-desktop/1.15.0-beta9

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.