Due to a misconfiguration in the manifest file of the WARP client for Android, it was possible to a perform a task hijacking attack. An attacker could create a malicious mobile application which could hijack legitimate app and steal potentially sensitive information when installed on the victim's device.
References
| Link | Resource |
|---|---|
| https://github.com/cloudflare/advisories/security/advisories/GHSA-35f7-fqrc-4hhj | Product Third Party Advisory |
Configurations
History
07 Nov 2023, 03:57
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | Due to a misconfiguration in the manifest file of the WARP client for Android, it was possible to a perform a task hijacking attack. An attacker could create a malicious mobile application which could hijack legitimate app and steal potentially sensitive information when installed on the victim's device. |
19 Jan 2023, 02:34
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:cloudflare:warp:*:*:*:*:*:android:*:* | |
| References | (MISC) https://github.com/cloudflare/advisories/security/advisories/GHSA-35f7-fqrc-4hhj - Product, Third Party Advisory | |
| First Time |
Cloudflare
Cloudflare warp |
|
| CWE | NVD-CWE-noinfo | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
11 Jan 2023, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-01-11 17:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-4457
Mitre link : CVE-2022-4457
CVE.ORG link : CVE-2022-4457
JSON object : View
Products Affected
cloudflare
- warp
CWE