CVE-2024-38480

July 1, 2024, 12:37 p.m.

Product(s) Impacted

Piccoma App for Android

  • before 6.20.0

Piccoma App for iOS

  • before 6.20.0

Description

"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this vulnerability.

Weaknesses

Date

Published: July 1, 2024, 5:15 a.m.

Last Modified: July 1, 2024, 12:37 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

vultures@jpcert.or.jp

References