GCVE - cpe:2.3:a:n/a:mintegraladsdk:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:mintegraladsdk:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Mintegraladsdk (`367a4d08-4c73-57d6-a250-56ddb84ba198`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-7745`	vulnerable	2026-06-08 05:27:14.099917	Malicious Package HIGH (7.1) This affects the package MintegralAdSDK before 6.6.0.0. The SDK distributed by the company contains malicious functionality that acts as a backdoor. Mintegral and their partners (advertisers) can remotely execute arbitrary code on a user device. Published: 2020-10-19T09:55:14.678Z Updated: 2024-09-17T02:42:27.106Z Open on db.gcve.eu Reference links https://snyk.io/blog/remote-code-execution-rce-sourmint/ https://snyk.io/vuln/SNYK-COCOAPODS-MINTEGRALADSDK-1019377 https://snyk.io/research/sour-mint-malicious-sdk/%23rce https://www.youtube.com/watch?v=n-mEMkeoUqs	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-7705`	vulnerable	2026-06-08 05:27:14.010534	Malicious Package HIGH (7.1) This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the UIApplication, openURL, SKStoreProductViewController, loadProductWithParameters and NSURLProtocol methods along with anti-debug and proxy detection protection. If those hooks are active MintegralAdSDK sends obfuscated data about every opened URL in an application to their servers. Note that the malicious functionality is enabled even if the SDK was not enabled to serve ads. Published: 2020-08-24T17:15:15.656Z Updated: 2024-09-16T19:46:34.178Z Open on db.gcve.eu Reference links https://snyk.io/vuln/SNYK-COCOAPODS-MINTEGRALADSDK-598852 https://snyk.io/blog/sourmint-malicious-code-ad-fraud-and-data-leak-in-ios/ https://snyk.io/research/sour-mint-malicious-sdk/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.