Apple Music For Android vulnerabilities

7 known vulnerabilities affecting apple/apple_music_for_android.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2023-32427MEDIUMCVSS 5.9≥ unspecified, < 4.22023-07-28
CVE-2023-32427 [MEDIUM] CVE-2023-32427: This issue was addressed by using HTTPS when sending information over the network. This issue is fix This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 4.2.0 for Android. An attacker in a privileged network position may be able to intercept network traffic.
cvelistv5nvd
CVE-2023-28203MEDIUMCVSS 5.5≥ unspecified, < 4.22023-07-28
CVE-2023-28203 [MEDIUM] CWE-200 CVE-2023-28203: The issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. The issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. An app may be able to access contacts.
cvelistv5nvd
CVE-2022-32846HIGHCVSS 7.5≥ unspecified, < 3.92023-02-27
CVE-2022-32846 [HIGH] CWE-664 CVE-2022-32846: A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.1 A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.
cvelistv5nvd
CVE-2022-32836HIGHCVSS 7.5≥ unspecified, < 3.92023-02-27
CVE-2022-32836 [HIGH] CWE-200 CVE-2022-32836: This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 f This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.
cvelistv5nvd
CVE-2022-32906MEDIUMCVSS 5.3≥ unspecified, < 3.92023-02-27
CVE-2022-32906 [MEDIUM] CWE-319 CVE-2022-32906: This issue was addressed with using HTTPS when sending information over the network. This issue is f This issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. A user in a privileged network position may intercept SSL/TLS connections.
cvelistv5nvd
CVE-2021-46841MEDIUMCVSS 5.9≥ unspecified, < 3.52023-02-27
CVE-2021-46841 [MEDIUM] CWE-200 CVE-2021-46841: This issue was addressed by using HTTPS when sending information over the network. This issue is fix This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.
cvelistv5nvd
CVE-2020-9982MEDIUMCVSS 5.5≥ unspecified, < 3.42020-10-27
CVE-2020-9982 [MEDIUM] CVE-2020-9982: This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed i This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Apple Music 3.4.0 for Android. A malicious application may be able to leak a user's credentials.
cvelistv5nvd