The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.

Related CVEs

CVE-2020-4099

Key Information

GHSA ID

GHSA-pc4m-vcwh-9c5h

Published

November 1, 2022 7:00 PM

Last Modified

November 3, 2022 7:00 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.