CVE-2018-3988

Summary

Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.

Affected Software

VendorProductVersion RangeStatus
n/aSignalSignal Messenger Android 4.24.8affected

Weaknesses

  • privacy violation

ADP Enrichment

CVE Program Container

Additional References

References