Vulnerability Test Suite app says Q is vulnerable to 2 CVEs
- /e/ version: 0.16-q-20210415110657-dev-FP3
- Device model(s): FP3
Summary
There's an app on F-Droid called "VTS for Android" which scans the device for publicly known vulnerabilities. It says that the FP3's Q version is vulnerable to 2 of those: CVE-2015-6616
and CVE-2015-1474
Here's the detailed result:
{ "buildInfo": { "fingerprint": "Fairphone\/FP3\/FP3:10\/8901.3.A.0078-SS.20210105\/01051344:user\/release-keys", "kernelVersion": "4.9.218+", "brand": "Fairphone", "manufacturer": "Fairphone", "model": "FP3", "release": "10", "sdk": "29", "builddate": 1618519838000, "id": "QQ3A.200805.001", "cpuABI": "armeabi-v7a", "cpuABI2": "armeabi", "supportedABIs": [ "arm64-v8a", "armeabi-v7a", "armeabi" ], "versionCode": 13, "versionName": "v.13" }, "results": [ { "name": "ZipBug 9950697", "isVulnerable": false, "exception": "java.io.IOException: No such file or directory" }, { "name": "CVE-2013-4787", "isVulnerable": false, "exception": "java.io.IOException: No such file or directory" }, { "name": "ZipBug 9695860", "isVulnerable": false, "exception": "java.io.IOException: No such file or directory" }, { "name": "CVE-2013-6282", "isVulnerable": false }, { "name": "CVE-2014-3153", "isVulnerable": false }, { "name": "CVE-2014-4943", "isVulnerable": false, "exception": "java.lang.Exception: Error running test. Errno: 13" }, { "name": "WeakSauce", "isVulnerable": false }, { "name": "CVE-2015-1474", "isVulnerable": true }, { "name": "CVE-2015-3825", "isVulnerable": false }, { "name": "CVE-2015-3636", "isVulnerable": false }, { "name": "CVE-2015-7888", "isVulnerable": false }, { "name": "CVE-2015-6608", "isVulnerable": false, "exception": "java.lang.Exception: libstagefright_soft_aacdec.so does not exist" }, { "name": "CVE-2015-6616", "isVulnerable": true } ] }