The WebRTC component in the Signal Private Messenger application up to and including 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote malicious users to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
signal private messenger |