CVE-2014-3501

EPSS 1.65% · P82 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-3501

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Apache Cordova Android 安全绕过漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Adobe PhoneGap是美国奥多比（Adobe）公司的一套开源的开发框架。Apache Cordova Android是美国阿帕奇（Apache）软件基金会的一套可使用HTML、CSS和JavaScript开发基于Android的移动应用程序的平台，也是驱动PhoneGap的核心引擎。 Apache Cordova Android 3.5.1之前版本中存在安全漏洞。远程攻击者可通过使用JavaScript连接WebSocket和WebView利用该漏洞绕过HTTP白名单，连接任意服务器。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2014-3501

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-3501

请登录查看更多情报信息。

http://cordova.apache.org/announcements/2014/08/04/android-351.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/69041vdb-entryx_refsource_BID
https://nvd.nist.gov/vuln/detail/CVE-2014-3501

Same Patch Batch · n/a · 2014-11-15 · 11 CVEs total

CVE-2014-7248		IPA iLogScanner 跨站脚本漏洞
CVE-2014-7997		Cisco IOS on Aironet Access Point DHCP实现拒绝服务漏洞
CVE-2014-7998		Cisco IOS on Aironet Access Point 权限许可和访问控制漏洞
CVE-2014-3707		Haxx Libcurl 堆内存损坏漏洞
CVE-2014-4975		Ruby'pack.c'差异错误漏洞
CVE-2014-3158		Paul's PPP Package pppd’options.c‘远程整数溢出漏洞
CVE-2014-3500		Apache Cordova Android 安全绕过漏洞
CVE-2014-3502		Apache Cordova Android 信息泄露漏洞
CVE-2014-5388		QEMU ACPI PCI hotplug‘pci_read’函数差一错误漏洞
CVE-2014-8566		mod_auth_mellon 信息泄露漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2014-3501

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2014-3501

I. Basic Information for CVE-2014-3501

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-3501

III. Intelligence Information for CVE-2014-3501

Same Patch Batch · n/a · 2014-11-15 · 11 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2014-3501

Leave a comment