Luca · Luca · CVE-2021-33838
Name of the Vulnerable Software and Affected Versions:
Luca versions 1.7.4 and earlier
Description:
The issue allows remote attackers to obtain sensitive information about COVID-19 tracking. This is because requests related to Check-In State occur shortly after requests for Phone Number Registration.
Recommendations:
For versions 1.7.4 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.