CVE-2025-44017_CVE-2025-44017

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Description

"Gunosy" App contains a vulnerability where sensitive information may be included in the application's outbound communication. If a user accesses a crafted URL, an attacker may obtain the JWT (JSON Web Token).

Basic Information

ID CVE-2025-44017

Source jpcert

Published Sep 2, 2025 at 07:41

Affected Product

Vendor Gunosy Inc.

Product "Gunosy" App for Android

Version versions prior to 7.34.0

Affected Versions Gunosy Inc. "Gunosy" App for Android versions prior to 7.34.0
Gunosy Inc. "Gunosy" App for iOS versions prior to 7.34.0

CWE Classification

CWE-201

References

jvn.jp /en/jp/JVN47404248/

{
    "lastseen": "",
    "description": "\"Gunosy\" App contains a vulnerability where sensitive information may be included in the application's outbound communication. If a user accesses a crafted URL, an attacker may obtain the JWT (JSON Web Token).",
    "published": "2025-09-02T07:41:47.056Z",
    "modified": "2025-09-02T07:41:47.056Z",
    "type": "cve",
    "title": "CVE-2025-44017",
    "source": "jpcert",
    "references": "https://jvn.jp/en/jp/JVN47404248/",
    "id": "CVE-2025-44017",
    "bulletinFamily": "",
    "cwe": [
        "CWE-201"
    ],
    "cvelist": null,
    "sourceData": "Gunosy Inc. \"Gunosy\" App for Android versions prior to 7.34.0\nGunosy Inc. \"Gunosy\" App for iOS versions prior to 7.34.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "\"Gunosy\" App for Android",
    "version": "versions prior to 7.34.0",
    "vendor": "Gunosy Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}