CVE-2021-43171 Information

Description

Improper verification of applications’ cryptographic signatures in the /e/OS app store client App Lounge before 0.19q allows attackers in control of the application server to install malicious applications on user’s systems by altering the server’s API response.

Reference

https://gitlab.e.foundation/e/os/releases/-/releases/v0.19-q#sparkles-we-embedded-other-improvements https://nervuri.net/e/apps