CVE-2019-11932 describes a vulnerability in what product? https://nvd.nist.gov/vuln/detail/CVE-2019-11932 …
-
-
For example, here's a demonstration of viewing a crafted message with an app called Chomp SMS. It has over 10 million installs and also uses android-gif-drawable. When
@facebook created the entry for CVE-2019-11932, they neglected to mention anything other than WhatsApp.pic.twitter.com/dYJJp2bUOzShow this thread -
Also, the fix for CVE-2019-11932: https://github.com/koral--/android-gif-drawable/pull/673 … isn't even the latest vul fixed in android-gif-drawable. 1.2.19 fixes another vul that doesn't seem to even have a CVE. How are people supposed to keep track of this, and how is it supposed to trickle down to developers?
Show this thread -
https://github.com/koral--/android-gif-drawable/commit/ad68e4df1cc2aaaa03cb2357c98434cc281248ab#diff-d503ed87ede00e3bfa2181415fdb4e0d … is a vulnerability that is fixed in android-gif-drawable 1.2.19, but I cannot find any CVE entry to reference it.
Show this thread
End of conversation
New conversation -
-
-
This Tweet is unavailable.
-
This Tweet is unavailable.
- 1 more reply
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.