CVE-2024-36277

Summary

Improper verification of cryptographic signature issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. The affected app cannot detect event data with invalid signatures.

Affected Software

VendorProductVersion RangeStatus
FreeFrom K.K.“FreeFrom - the nostr client” App for Androidprior to 1.3.5affected
FreeFrom K.K.“FreeFrom - the nostr client” App for iOSprior to 1.3.5affected

Weaknesses

  • Improper Verification of Cryptographic Signature

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

CVE Program Container

Additional References

References