Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data.
References
Link | Resource |
---|---|
https://support.apple.com/HT210110 | Vendor Advisory |
https://support.apple.com/HT210111 | Vendor Advisory |
https://www.info-sec.ca/advisories/Texture.html | Third Party Advisory |
https://support.apple.com/HT210110 | Vendor Advisory |
https://support.apple.com/HT210111 | Vendor Advisory |
https://www.info-sec.ca/advisories/Texture.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 04:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.apple.com/HT210110 - Vendor Advisory | |
References | () https://support.apple.com/HT210111 - Vendor Advisory | |
References | () https://www.info-sec.ca/advisories/Texture.html - Third Party Advisory |
12 Apr 2022, 18:41
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.info-sec.ca/advisories/Texture.html - Third Party Advisory |
24 Feb 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-12-18 18:15
Updated : 2024-11-21 04:50
NVD link : CVE-2019-8632
Mitre link : CVE-2019-8632
CVE.ORG link : CVE-2019-8632
JSON object : View
Products Affected
apple
- texture
CWE
CWE-319
Cleartext Transmission of Sensitive Information