Luca · Luca · CVE-2021-33839
Name of the Vulnerable Software and Affected Versions:
Luca versions 1.7.4 and earlier
Description:
The issue allows remote attackers to obtain sensitive information about COVID-19 tracking. This is possible because the QR code of a Public Location can be intentionally confused with the QR code of a Private Meeting.
Recommendations:
For versions 1.7.4 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.