Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by hjholdings
CVE-2022-35734 (GCVE-0-2022-35734)
Vulnerability from nvd – Published: 2022-08-16 07:02 – Updated: 2024-08-03 09:44
VLAI
Summary
'Hulu / フールー' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.
Severity
No CVSS data available.
CWE
- Use of Hard-coded Credentials
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN40907489/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HJ Holdings, Inc. | 'Hulu / フールー' App for Android |
Affected:
from version 3.0.47 to the version prior to 3.1.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:44:21.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40907489/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for Android",
"vendor": "HJ Holdings, Inc.",
"versions": [
{
"status": "affected",
"version": "from version 3.0.47 to the version prior to 3.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-16T07:02:16.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN40907489/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-35734",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for Android",
"version": {
"version_data": [
{
"version_value": "from version 3.0.47 to the version prior to 3.1.2"
}
]
}
}
]
},
"vendor_name": "HJ Holdings, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jvn.jp/en/jp/JVN40907489/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN40907489/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-35734",
"datePublished": "2022-08-16T07:02:16.000Z",
"dateReserved": "2022-07-23T00:00:00.000Z",
"dateUpdated": "2024-08-03T09:44:21.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34156 (GCVE-0-2022-34156)
Vulnerability from nvd – Published: 2022-08-16 07:01 – Updated: 2024-08-03 08:16
VLAI
Summary
'Hulu / フールー' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
Severity
No CVSS data available.
CWE
- Improper Certificate Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN81563390/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HJ Holdings, Inc. | 'Hulu / フールー' App for iOS |
Affected:
versions prior to 3.0.81
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN81563390/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for iOS",
"vendor": "HJ Holdings, Inc.",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.0.81"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Certificate Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-16T07:01:18.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN81563390/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-34156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for iOS",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.0.81"
}
]
}
}
]
},
"vendor_name": "HJ Holdings, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jvn.jp/en/jp/JVN81563390/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN81563390/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-34156",
"datePublished": "2022-08-16T07:01:18.000Z",
"dateReserved": "2022-07-23T00:00:00.000Z",
"dateUpdated": "2024-08-03T08:16:17.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35734 (GCVE-0-2022-35734)
Vulnerability from cvelistv5 – Published: 2022-08-16 07:02 – Updated: 2024-08-03 09:44
VLAI
Summary
'Hulu / フールー' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.
Severity
No CVSS data available.
CWE
- Use of Hard-coded Credentials
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN40907489/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HJ Holdings, Inc. | 'Hulu / フールー' App for Android |
Affected:
from version 3.0.47 to the version prior to 3.1.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:44:21.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN40907489/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for Android",
"vendor": "HJ Holdings, Inc.",
"versions": [
{
"status": "affected",
"version": "from version 3.0.47 to the version prior to 3.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-16T07:02:16.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN40907489/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-35734",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for Android",
"version": {
"version_data": [
{
"version_value": "from version 3.0.47 to the version prior to 3.1.2"
}
]
}
}
]
},
"vendor_name": "HJ Holdings, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jvn.jp/en/jp/JVN40907489/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN40907489/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-35734",
"datePublished": "2022-08-16T07:02:16.000Z",
"dateReserved": "2022-07-23T00:00:00.000Z",
"dateUpdated": "2024-08-03T09:44:21.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34156 (GCVE-0-2022-34156)
Vulnerability from cvelistv5 – Published: 2022-08-16 07:01 – Updated: 2024-08-03 08:16
VLAI
Summary
'Hulu / フールー' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
Severity
No CVSS data available.
CWE
- Improper Certificate Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN81563390/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HJ Holdings, Inc. | 'Hulu / フールー' App for iOS |
Affected:
versions prior to 3.0.81
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN81563390/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for iOS",
"vendor": "HJ Holdings, Inc.",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.0.81"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Certificate Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-16T07:01:18.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN81563390/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-34156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for iOS",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.0.81"
}
]
}
}
]
},
"vendor_name": "HJ Holdings, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\u0027Hulu / \u30d5\u30fc\u30eb\u30fc\u0027 App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jvn.jp/en/jp/JVN81563390/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN81563390/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-34156",
"datePublished": "2022-08-16T07:01:18.000Z",
"dateReserved": "2022-07-23T00:00:00.000Z",
"dateUpdated": "2024-08-03T08:16:17.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}