Skip to content

citizenlab/vuln-disclosures

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

Citizen Lab Vulnerability Disclosures

This repository contains information related to vulnerability disclosures done by the Citizen Lab.

2022

Vulnerability ID Date Generated Affected Product Impact Report
CLVD-2022-01 January 18, 2022 MY2022 (冬奥通) iOS version 2.0.0, Android version 2.0.1 Traffic interception Cross-Country Exposure: Analysis of the MY2022 Olympics App

2021

Vulnerability ID Date Generated Affected Product Impact Report
CLVD-2021-01 August 23rd, 2021 QQMail Sensitive data disclosure Measuring QQMail's automated email censorship in China
CLVD-2021-02 September 13th, 2021 iOS < 14.8, macOS < 11.6, watchOS < 7.6.2 Code Execution FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild

2020

Vulnerability ID Date Generated Affected Product Impact Report
CLVD-2020-01 April 3rd, 2020 Zoom for Windows, Mac, Linux < 4.6.10 In-Transit Encryption Quality Compromised Move Fast and Roll Your Own Crypto A Quick Look at the Confidentiality of Zoom Meetings and the FAQ
CLVD-2020-02 April 08, 2020 Zoom for Windows, Mac, Linux < 4.6.10 Unapproved Users Can Decrypt Video Zooms Waiting Room Vulnerability
CLVD-2020-03 November 10, 2020 COVID-KAYA (Web application) Sensitive data disclosure Unmasked: COVID-KAYA and the Exposure of Healthcare Worker Data in the Philippines.
CLVD-2020-04 November 10, 2020 COVID-KAYA version 1.4.7 (Android version code 10407) Hard coded credential and sensitive data disclosure Unmasked: COVID-KAYA and the Exposure of Healthcare Worker Data in the Philippines.
CLVD-2020-05 December 21, 2020 Staysafe PH Android version 0.12 Hard coded credential and sensitive data disclosure Unmasked II: An Analysis of Indonesia and the Philippines Government-launched COVID-19 Apps

NOTE In its current form this list of vulnerabilities presents a best effort to catalogue vulnerabilities from January 2020 onward. Data from previous years may be back filled at a later date.

About

This repository contains information related to vulnerability disclosures done by the Citizen Lab.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published