Vulnerabilities in LINE Corporation

23 results
CVE-2019-6010Integer overflow vulnerability in LINE(Android) from 4.4.0 to the version before 9.15.1 allows remote attackers to cause a denial of serviceEPSS 1.7%CVE-2019-6002Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspEPSS 1.1%CVE-2021-41011LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditioEPSS 1.1%CVE-2021-38388HIGHCentral Dogma allows privilege escalation with mirroring to the internal dogma repository that has a file managing the authorization of the EPSS 0.9%CVE-2022-22820Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipieEPSS 0.8%CVE-2024-1735CRITICALA vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentEPSS 0.8%CVE-2021-36215LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling.EPSS 0.8%CVE-2021-36214MEDIUMLINE client for iOS before 10.16.3 allows cross site script with specific header in WebView.EPSS 0.7%CVE-2018-0518LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof sEPSS 0.6%CVE-2022-41568HIGHLINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat.EPSS 0.6%CVE-2024-1143CRITICALCentral Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and sEPSS 0.5%CVE-2022-29505Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilegeEPSS 0.5%CVE-2021-36216LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection.EPSS 0.4%CVE-2024-5739MEDIUMThe in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS (UXSS) vulnerability. This vulnerability allows forEPSS 0.3%CVE-2023-5554MEDIUMLack of TLS certificate verification in log transmission of a financial module within LINE client for iOS prior to 13.16.0.EPSS 0.2%CVE-2015-0897LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack sincEPSS 0.2%CVE-2015-2968LINE@ for Android version 1.0.0 and LINE@ for iOS version 1.0.0 are vulnerable to MITM (man-in-the-middle) attack since the application alloEPSS 0.2%CVE-2025-14021MEDIUMThe in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to execEPSS 0.2%CVE-2025-14022HIGHLINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financialEPSS 0.2%CVE-2025-14020MEDIUMLINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security ToEPSS 0.1%