CVE-2018-19111
First published: Thu Nov 08 2018(Updated: )
The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private cleartext information to the Unity 3D Stats web site, as demonstrated by device make, model, and OS.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Cardboard | =1.2 | |
| Google Cardboard | =1.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-19111?
CVE-2018-19111 is rated as a moderate severity vulnerability due to the potential exposure of private information.
How do I fix CVE-2018-19111?
To fix CVE-2018-19111, update the Google Cardboard application to the latest version available for your device.
What versions of Google Cardboard are affected by CVE-2018-19111?
CVE-2018-19111 affects Google Cardboard version 1.2 for iOS and version 1.8 for Android.
What data is potentially exposed in CVE-2018-19111?
CVE-2018-19111 potentially exposes cleartext information such as device make, model, and operating system.
Is CVE-2018-19111 related to user privacy?
Yes, CVE-2018-19111 raises concerns about user privacy due to the transmission of potentially sensitive information in cleartext.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/google
- canonical/google cardboard
- version/google cardboard/1.2
- version/google cardboard/1.8