Google Exposure Notifications Verification Server
Approved changes feed: RSS · Atom
cpe:2.3:a:google_llc:google_exposure-notifications-verification-server:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Google Llc (c72c74b5-1c39-5d47-98b8-8dacb6f7d99a) |
|---|---|
| Product | Google Exposure Notifications Verification Server (707f4130-57f0-59db-8303-f6950e935723) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-22565 |
vulnerable | 2026-06-03 14:43:53.213657 |
Insufficient Granularity of Access Control in GAEN Notification Server
MEDIUM (6.5)
An attacker could prematurely expire a verification code, making it unusable by the patient, making the patient unable to upload their TEKs to generate exposure notifications. We recommend upgrading the Exposure Notification server to V1.1.2 or greater.
Published: 2021-12-09T12:55:10.778Z
Updated: 2024-09-16T17:53:56.557Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.