By weakness (CWE)
CWE-359: related vulnerabilities
CVEs classified under CWE-359. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2020-25900MEDIUM 5.3
HelloTalk, a language exchange and social networking application, contains a privacy flaw in versions through 3.4.1 where the app stores precise GPS coordinates even when users intend to share only their country or city location. These full-precision coordinates are inadvertently saved to a local database accessible by other users' clients. While the client-side database was encrypted in a 2019 update, the vulnerability persists in how location data is initially processed and stored, creating an unintended disclosure of user whereabouts to a level of granularity the user did not authorize.