Vulnerabilities > Linecorp > Line > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-08 | CVE-2021-36215 | Unspecified vulnerability in Linecorp Line LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling. | 5.0 |
| 2021-09-08 | CVE-2021-36216 | Uncontrolled Search Path Element vulnerability in Linecorp Line LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection. | 4.6 |
| 2021-07-13 | CVE-2021-36214 | Cross-site Scripting vulnerability in Linecorp Line LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView. | 4.3 |
| 2019-09-19 | CVE-2019-6010 | Integer Overflow or Wraparound vulnerability in Linecorp Line Integer overflow vulnerability in LINE(Android) from 4.4.0 to the version before 9.15.1 allows remote attackers to cause a denial of service (DoS) condition or execute arbitrary code via a specially crafted image. | 6.8 |
| 2018-08-16 | CVE-2018-13434 | Improper Authentication vulnerability in Linecorp Line 8.8.0 An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. | 6.3 |
| 2018-06-26 | CVE-2018-0609 | Untrusted Search Path vulnerability in Linecorp Line 4.3.0.724 Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 6.8 |
| 2018-02-23 | CVE-2018-0518 | Improper Certificate Validation vulnerability in Linecorp Line 7.1.3/7.15 LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 4.3 |
| 2017-04-20 | CVE-2016-4850 | Improper Access Control vulnerability in Linecorp Line 4.3.0.724 LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code. | 6.8 |
| 2014-08-16 | CVE-2013-7144 | Cryptographic Issues vulnerability in Linecorp Line LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 4.3 |