Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe

Filtered by product Cordova

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-5207	1 Apache	1 Cordova	2018-10-09	7.5 HIGH	5.3 MEDIUM
Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods.
CVE-2015-5208	1 Apache	1 Cordova	2018-10-09	4.3 MEDIUM	4.4 MEDIUM
Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.
CVE-2015-1835	1 Apache	1 Cordova	2017-11-16	2.6 LOW	5.3 MEDIUM
Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL.