MEDIUM 4.7
CVE-2018-3988
Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.
CVSS v3
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| signal | private_messenger | Android | — | cpe:2.3:a:signal:private_messenger:4.24.8:*:*:*:*:android:*:* |