📦 Luca

The Luca COVID-19 contact tracing app for Android versions through 1.7.4 leaks sensitive information about users' COVID-19 status. Remote attackers can correlate check-in state requests with phone num...

The Luca contact tracing app server (versions through 1.1.14) allows attackers to insert fake COVID-19 exposure records because phone number data lacks digital signatures. This affects all organizatio...