Vulnerabilities (CVE)

Filtered by vendor Komoot Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21823 1 Komoot 1 Komoot 2024-11-21 5.0 MEDIUM 7.5 HIGH
An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A specially crafted series of network requests can lead to the disclosure of sensitive information.
CVE-2017-14709 1 Komoot 1 Komoot 2024-11-21 5.8 MEDIUM 7.4 HIGH
The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.