Vulnerabilities (CVE)

Filtered by vendor Duolingo Subscribe
Filtered by product Tinycards
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-16905 2 Duolingo, Google 2 Tinycards, Android 2024-11-21 6.8 MEDIUM 8.1 HIGH
The DuoLingo TinyCards application before 1.0 for Android has one use of unencrypted HTTP, which allows remote attackers to spoof content, and consequently achieve remote code execution, via a man-in-the-middle attack.