Linecorp Line
74 CVEs affecting Linecorp Line. Latest disclosed: 2025-12-15. Critical: 0, High: 24.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-45559 | High | 8.2 | 2024-01-03 | An issue in Tamaki_hamanoki Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. |
CVE-2023-43305 | High | 8.2 | 2023-12-08 | An issue in studio kent mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. |
CVE-2023-43304 | High | 8.2 | 2023-12-07 | An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. |
CVE-2023-43303 | High | 8.2 | 2023-12-07 | An issue in craftbeer bar canvas mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. |
CVE-2023-43302 | High | 8.2 | 2023-12-07 | An issue in sanTas mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. |
CVE-2023-43301 | High | 8.2 | 2023-12-07 | An issue in DARTS SHOP MAXIM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. |
CVE-2023-43300 | High | 8.2 | 2023-12-07 | An issue in urban_project mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. |
CVE-2016-4850 | High | 8.1 | 2017-04-20 | LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code. |
CVE-2022-29505 | High | 7.8 | 2022-04-27 | Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation. |
CVE-2021-36216 | High | 7.8 | 2021-09-08 | LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection. |
CVE-2019-6010 | High | 7.8 | 2019-09-19 | Integer overflow vulnerability in LINE(Android) from 4.4.0 to the version before 9.15.1 allows remote attackers to cause a denial of service (DoS) condition or… |
CVE-2018-0609 | High | 7.8 | 2018-06-26 | Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified di… |
CVE-2016-4831 | High | 7.8 | 2016-07-12 | Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an… |
CVE-2025-14022 | High | 7.7 | 2025-12-15 | LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK inter… |
CVE-2023-48134 | High | 7.5 | 2023-11-16 | nagayama_copabowl Line 13.6.1 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. |
CVE-2023-38849 | High | 7.5 | 2023-10-25 | An issue in tire-sales Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |
CVE-2023-38848 | High | 7.5 | 2023-10-25 | An issue in rmc R Beauty CLINIC Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |
CVE-2023-38847 | High | 7.5 | 2023-10-25 | An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |
CVE-2023-38846 | High | 7.5 | 2023-10-25 | An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |
CVE-2023-38845 | High | 7.5 | 2023-10-25 | An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |