{"id":"CVE-2018-9840","details":"The Open Whisper Signal app before 2.23.2 for iOS allows physically proximate attackers to bypass the screen locker feature via certain rapid sequences of actions that include app opening, clicking on cancel, and using the home button.","modified":"2026-04-10T04:20:13.489096Z","published":"2018-04-10T05:29:00.207Z","references":[{"type":"ADVISORY","url":"http://nint.en.do/Signal-Bypass-Screen-locker.php"},{"type":"FIX","url":"https://github.com/signalapp/Signal-iOS/commit/018a35df7b42b4941cb4dfc9f462b37c3fafd9e9"},{"type":"FIX","url":"https://github.com/signalapp/Signal-iOS/commits/release/2.23.2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/signalapp/signal-ios","events":[{"introduced":"0"},{"fixed":"2264edd9ded7212c7a336a835861385d5f9774c7"},{"fixed":"018a35df7b42b4941cb4dfc9f462b37c3fafd9e9"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.23.2"}]}}],"versions":["0.1","1.0","1.0.2","1.0.3","1.0.4","1.0.4-1","1.0.4-2","1.0.5","1.0.6","1.0.6.2","1.0.7","1.0.8","1.2","1.3","2.0","2.0.1","2.0.2","2.0_beta_31_01_2015","2.1","2.1.1","2.1.3","2.10.0.0","2.10.0.1","2.10.0.2","2.10.0.3","2.11.0.0","2.11.0.1","2.11.0.2","2.11.0.3","2.11.1.0","2.11.1.1","2.11.1.2","2.11.1.3","2.11.1.4","2.11.1.5","2.12.0.0","2.12.0.1","2.12.0.2","2.12.1.0","2.12.1.1","2.12.1.2","2.13.0.0","2.13.0.1","2.13.0.10","2.13.0.11","2.13.0.12","2.13.0.13","2.13.0.14","2.13.0.15","2.13.0.16","2.13.0.2","2.13.0.3","2.13.0.4","2.13.0.5","2.13.0.6","2.13.0.7","2.13.0.8","2.13.0.9","2.13.1.0","2.13.2.0","2.14.0.0","2.14.0.1","2.14.0.2","2.14.0.3","2.14.0.4","2.14.1.0","2.15.0.0","2.15.0.1","2.15.0.2","2.15.0.3","2.15.0.4","2.16.0.0","2.16.0.1","2.16.0.10","2.16.0.11","2.16.0.12","2.16.0.13","2.16.0.15","2.16.0.16","2.16.0.17","2.16.0.2","2.16.0.3","2.16.0.4","2.16.0.5","2.16.0.6","2.16.0.7","2.16.0.9","2.17.0.0","2.17.0.1","2.17.0.2","2.17.0.3","2.17.0.4","2.17.0.5","2.17.0.6","2.17.0.7","2.17.0.8","2.19.0.0","2.19.0.1","2.19.0.10","2.19.0.11","2.19.0.12","2.19.0.13","2.19.0.14","2.19.0.16","2.19.0.17","2.19.0.18","2.19.0.19","2.19.0.2","2.19.0.20","2.19.0.21","2.19.0.22","2.19.0.3","2.19.0.4","2.19.0.5","2.19.0.6","2.2","2.20.0.13","2.20.0.14","2.20.0.15","2.20.0.16","2.20.0.17","2.20.0.18","2.20.0.19","2.20.0.2","2.20.0.21","2.20.0.22","2.20.0.23","2.20.0.24","2.20.0.25","2.20.0.27","2.20.0.28","2.20.0.29","2.20.0.3","2.20.0.30","2.20.0.31","2.20.0.32","2.20.0.33","2.20.0.34","2.20.0.35","2.20.0.36","2.20.0.37","2.20.0.38","2.20.0.39","2.20.0.4","2.20.0.40","2.20.0.41","2.20.0.42","2.20.0.5","2.20.0.6","2.20.0.7","2.23.0.0","2.23.0.1","2.23.0.10","2.23.0.11","2.23.0.12","2.23.0.13","2.23.0.14","2.23.0.2","2.23.0.3","2.23.0.4","2.23.0.5","2.23.0.6","2.23.0.7","2.23.0.8","2.23.0.9","2.23.1.0","2.23.1.1","2.23.1.2","2.3.0.3","2.3.0.4","2.3.0.5","2.3.0.6","2.3.0.7","2.3.1.0","2.3.2.0","2.3.2.1","2.3.3.0","2.3.4.0","2.3.5.0","2.4.0.0","2.4.0.1","2.4.0.2","2.4.0.3","2.4.0.4","2.4.1.0","2.4.1.1","2.4.2.0","2.5.0.16","2.5.0.17","2.5.0.19","2.5.0.20","2.5.1.0","2.5.2.2","2.5.3.3","2.5.3.4","2.6.1.0","2.6.1.1","2.6.1.2","2.6.1.3","2.6.10.0","2.6.10.1","2.6.10.2","2.6.11.0","2.6.11.1","2.6.11.2","2.6.12.0","2.6.13.0","2.6.14.0","2.6.14.1","2.6.15.0","2.6.2.0","2.6.3.10","2.6.3.11","2.6.3.12","2.6.3.13","2.6.3.14","2.6.3.15","2.6.3.9","2.6.4.10","2.6.4.11","2.6.4.12","2.6.4.14","2.6.4.4","2.6.4.5","2.6.4.6","2.6.4.7","2.6.4.9","2.6.5.1","2.6.5.2","2.6.5.3","2.6.5.4","2.6.5.6","2.6.5.7","2.6.5.9","2.6.6.0","2.6.6.1","2.6.6.4","2.6.6.5","2.6.6.6","2.6.6.7","2.6.7.0","2.6.7.1","2.6.7.2","2.6.7.3","2.6.7.4","2.6.8.0","2.6.9.0","2.6.9.1","2.6.9.4","2.7.0.1","2.7.0.10","2.7.0.2","2.7.0.3","2.7.0.4","2.7.0.5","2.7.0.6","2.7.0.7","2.7.0.8","2.7.0.9","2.8.0.0","2.8.0.1","2.8.0.2","2.8.0.3","2.8.0.4","2.8.0.5","2.8.0.6","2.8.1.0","2.9.0.0","2.9.0.1","2.9.0.2","2.9.0.3","2.9.0.4","2.9.0.5","2.9.1.0","hotfix/2.15.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-9840.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}