Vulnerabilities > Onepeloton > Peloton > 1.7.22
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-25 | CVE-2021-40527 | Cleartext Storage of Sensitive Information vulnerability in Onepeloton Peloton 1.7.22 Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile application up to and including version 1.7.22 allows a remote attacker to access developer files stored in an AWS S3 bucket, by reading credentials stored in plain text within the mobile application. | 7.5 |