Published: 2022/07/27  Last Updated: 2022/07/27

Information from HJ Holdings, Inc.

Vulnerability ID:JVN#40907489
Title:"Hulu / フールー" App for Android uses a hard-coded API key for an external service
Status:Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.

In the Android version of "Hulu / フールー" provided by us, there was a problem that the API key of the external service was hard-coded.

The API key was revoked on June 7, 2022, so you do not need to take any action.

No damage has been confirmed so far by this vulnerability.