All 8 CVE vulnerabilities found in sdk, with AI-generated Chinese analysis, references, and POCs.
Vendor: ThreatMetrix
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-42190 | RedwoodSDK: Same-site CSRF in in server actions CWE-352 | 5.3 | Medium | 2026-05-08 |
| CVE-2026-39371 | RedwoodSDK has a CSRF vulnerability in server function dispatch via GET requests CWE-352 | 8.1 | High | 2026-04-07 |
| CVE-2026-27704 | Dart SDK and Flutter SDK have Zip slip in Dart Pub package extraction CWE-22 | 7.3AI | HighAI | 2026-02-25 |
| CVE-2025-48755 | Rust 安全漏洞 CWE-762 | 2.9 | Low | 2025-05-24 |
| CVE-2025-27839 | Tangem 安全漏洞 CWE-1025 | 3.2 | Low | 2025-03-07 |
| CVE-2024-3764 | Tuya SDK MQTT Packet denial of service CWE-404 | 2.7 | Low | 2024-04-14 |
| CVE-2017-3182 | On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack CWE-295 | 6.8 | - | 2018-07-24 |
| CVE-2017-3210 | Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution CWE-276 | 7.8 | - | 2018-07-24 |
All 8 known CVE vulnerabilities affecting sdk with full Chinese analysis, references, and POCs where available.