CVE-2022-41568
First published: Tue Nov 29 2022(Updated: )
LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat.
Credit: dl_cve@linecorp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| LINE | <12.17.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-41568.
What is the affected software or device?
The affected software is LINE client for iOS version before 12.17.0.
What is the severity of CVE-2022-41568?
The severity of CVE-2022-41568 is high, with a severity value of 7.5.
How can this vulnerability be exploited?
This vulnerability can be exploited by sharing an invalid shared key of end-to-end encryption (e2ee) in a group chat in the LINE client for iOS.
Is there a fix or patch available for this vulnerability?
Yes, the fix for this vulnerability is to update the LINE client for iOS to version 12.17.0 or later.
- agent/type
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/linecorp
- canonical/line