Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.2
CVE-2021-44683
- EPSS 0.28%
- Veröffentlicht 25.03.2022 22:15:08
- Zuletzt bearbeitet 21.11.2024 06:31:22
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the JavaScript window.open function (used to open a secondary browser window). This could be exploited by tricking users into supplying sensitive information such ...
7.5
CVE-2020-15502
- EPSS 0.56%
- Veröffentlicht 02.07.2020 11:15:10
- Zuletzt bearbeitet 21.11.2024 05:05:39
The DuckDuckGo application through 5.58.0 for Android, and through 7.47.1.0 for iOS, sends hostnames of visited web sites within HTTPS .ico requests to servers in the duckduckgo.com domain, which might make visit data available temporarily at a Poten...
4.3
CVE-2018-6849
- EPSS 76.8%
- Veröffentlicht 01.04.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:11:17
In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.
1