CWE-843
AllowedAccess of Resource Using Incompatible Type ('Type Confusion')
Abstraction: Base · Status: Incomplete
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.
1041 vulnerabilities reference this CWE, most recent first.
GHSA-MVQ9-3RCF-XHCW
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-05-24 19:09Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2021-30561"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-03T19:15:00Z",
"severity": "HIGH"
},
"details": "Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"id": "GHSA-mvq9-3rcf-xhcw",
"modified": "2022-05-24T19:09:47Z",
"published": "2022-05-24T19:09:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30561"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1219630"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/163835/Chrome-JS-WasmJs-InstallConditionalFeatures-Object-Corruption.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-MVQF-RPVQ-M95X
Vulnerability from github – Published: 2023-05-16 00:30 – Updated: 2024-04-04 04:10In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.
{
"affected": [],
"aliases": [
"CVE-2023-20673"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-15T22:15:10Z",
"severity": "MODERATE"
},
"details": "In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.",
"id": "GHSA-mvqf-rpvq-m95x",
"modified": "2024-04-04T04:10:04Z",
"published": "2023-05-16T00:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20673"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/May-2023"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MW6Q-98MP-G8G8
Vulnerability from github – Published: 2021-11-08 17:54 – Updated: 2023-01-23 18:49This affects all versions of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "bootstrap-table"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.19.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-23472"
],
"database_specific": {
"cwe_ids": [
"CWE-79",
"CWE-843"
],
"github_reviewed": true,
"github_reviewed_at": "2021-11-04T17:00:48Z",
"nvd_published_at": "2021-11-03T18:15:00Z",
"severity": "LOW"
},
"details": "This affects all versions of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set.",
"id": "GHSA-mw6q-98mp-g8g8",
"modified": "2023-01-23T18:49:17Z",
"published": "2021-11-08T17:54:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23472"
},
{
"type": "PACKAGE",
"url": "https://github.com/wenzhixin/bootstrap-table"
},
{
"type": "WEB",
"url": "https://github.com/wenzhixin/bootstrap-table/blob/develop/src/utils/index.js%23L218"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-JS-BOOTSTRAPTABLE-1657597"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1910690"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1910689"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBWENZHIXIN-1910687"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910688"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JS-BOOTSTRAPTABLE-1657597"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Cross-site Scripting in bootstrap-table"
}
GHSA-MXV6-Q98X-H958
Vulnerability from github – Published: 2021-08-25 20:56 – Updated: 2021-08-24 18:00Shared data structure in model crate implements Send and Sync traits regardless of the inner type.
This allows safe Rust code to trigger a data race, which is undefined behavior in Rust.
Users are advised to treat Shared as an unsafe type.
It should not be used outside of the testing context,
and care must be taken so that the testing code does not have a data race
besides a race condition that is expected to be caught by the test.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "model"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.1.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-36460"
],
"database_specific": {
"cwe_ids": [
"CWE-362",
"CWE-843"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-18T21:17:33Z",
"nvd_published_at": "2021-08-08T06:15:00Z",
"severity": "HIGH"
},
"details": "`Shared` data structure in `model` crate implements `Send` and `Sync` traits regardless of the inner type.\nThis allows safe Rust code to trigger a data race, which is undefined behavior in Rust.\n\nUsers are advised to treat `Shared` as an unsafe type.\nIt should not be used outside of the testing context,\nand care must be taken so that the testing code does not have a data race\nbesides a race condition that is expected to be caught by the test.\n",
"id": "GHSA-mxv6-q98x-h958",
"modified": "2021-08-24T18:00:46Z",
"published": "2021-08-25T20:56:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36460"
},
{
"type": "WEB",
"url": "https://github.com/spacejam/model/issues/3"
},
{
"type": "PACKAGE",
"url": "https://github.com/spacejam/model"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2020-0140.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Data races in model"
}
GHSA-MXWJ-XFPV-WQCG
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30Kofax Power PDF response Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the implementation of the app.response method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20601.
{
"affected": [],
"aliases": [
"CVE-2023-38091"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:51Z",
"severity": "HIGH"
},
"details": "Kofax Power PDF response Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the implementation of the app.response method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20601.",
"id": "GHSA-mxwj-xfpv-wqcg",
"modified": "2024-05-03T03:30:55Z",
"published": "2024-05-03T03:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38091"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-969"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P2WF-QJ6M-X5FG
Vulnerability from github – Published: 2026-05-01 15:30 – Updated: 2026-07-10 12:31In the Linux kernel, the following vulnerability has been resolved:
ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
Oskar Kjos reported the following problem.
ip4ip6_err() calls icmp_send() on a cloned skb whose cb[] was written by the IPv6 receive path as struct inet6_skb_parm. icmp_send() passes IPCB(skb2) to __ip_options_echo(), which interprets that cb[] region as struct inet_skb_parm (IPv4). The layouts differ: inet6_skb_parm.nhoff at offset 14 overlaps inet_skb_parm.opt.rr, producing a non-zero rr value. __ip_options_echo() then reads optlen from attacker-controlled packet data at sptr[rr+1] and copies that many bytes into dopt->__data, a fixed 40-byte stack buffer (IP_OPTIONS_DATA_FIXED_SIZE).
To fix this we clear skb2->cb[], as suggested by Oskar Kjos.
Also add minimal IPv4 header validation (version == 4, ihl >= 5).
{
"affected": [],
"aliases": [
"CVE-2026-43037"
],
"database_specific": {
"cwe_ids": [
"CWE-787",
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-01T15:16:48Z",
"severity": "CRITICAL"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: clear skb2-\u003ecb[] in ip4ip6_err()\n\nOskar Kjos reported the following problem.\n\nip4ip6_err() calls icmp_send() on a cloned skb whose cb[] was written\nby the IPv6 receive path as struct inet6_skb_parm. icmp_send() passes\nIPCB(skb2) to __ip_options_echo(), which interprets that cb[] region\nas struct inet_skb_parm (IPv4). The layouts differ: inet6_skb_parm.nhoff\nat offset 14 overlaps inet_skb_parm.opt.rr, producing a non-zero rr\nvalue. __ip_options_echo() then reads optlen from attacker-controlled\npacket data at sptr[rr+1] and copies that many bytes into dopt-\u003e__data,\na fixed 40-byte stack buffer (IP_OPTIONS_DATA_FIXED_SIZE).\n\nTo fix this we clear skb2-\u003ecb[], as suggested by Oskar Kjos.\n\nAlso add minimal IPv4 header validation (version == 4, ihl \u003e= 5).",
"id": "GHSA-p2wf-qj6m-x5fg",
"modified": "2026-07-10T12:31:33Z",
"published": "2026-05-01T15:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43037"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28740"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28741"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28742"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28748"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28749"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28750"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28887"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28962"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:34098"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-43037"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464351"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1063515ce15ff31065c4e7f8265f4c2fd3c54876"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2cc6e3b0fe0f0242d1f530a93a4924f48ab85ba5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2edfa31769a4add828a7e604b21cb82aaaa05925"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4a622658f384b03560834cbe8ffcfe69a278f7c8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/590f622669b97eaf7b57a1de7b0a6e68c5d8b2c3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a0c4ce9900a108eaf55d0f3b399cb55999647d39"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d6621f60192fe10c047a4487be42a6f4c150707f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ea9f65b27c8404e164848ebff1443310fd187629"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-43037.json"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:22900"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:22940"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:22964"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:23224"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:23237"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:24343"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25120"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25121"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25181"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25186"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25191"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25193"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25200"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25217"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25533"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25534"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26528"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26535"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26542"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:27719"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:27729"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:28738"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P34G-H4WV-4PJ4
Vulnerability from github – Published: 2022-05-24 17:40 – Updated: 2022-05-24 17:40In RT regmap driver, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05453809.
{
"affected": [],
"aliases": [
"CVE-2021-0352"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-02-03T00:15:00Z",
"severity": "MODERATE"
},
"details": "In RT regmap driver, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05453809.",
"id": "GHSA-p34g-h4wv-4pj4",
"modified": "2022-05-24T17:40:49Z",
"published": "2022-05-24T17:40:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0352"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-acknowledgements"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-P5CP-VQJQ-6CJ7
Vulnerability from github – Published: 2026-06-02 21:30 – Updated: 2026-06-04 15:30FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simple_packet_parser_ng.cpp, after validating that the packet contains at least sizeof(ipv4_header_t) bytes (20 bytes), the code advances the local_pointer by '4 * ipv4_header->get_ihl()' (line 164) without validating that (a) IHL >= 5 (the minimum valid value per RFC 791), or (b) 4 * IHL bytes are actually available in the packet. The IHL field is 4 bits, allowing values 0-15, so the advance can be 0-60 bytes. An IHL value of 15 with only 20 bytes validated causes a 40-byte over-read. An IHL of 0-4 causes the pointer to not advance past the IP header, resulting in the TCP/UDP header being parsed from IP header data (type confusion). This vulnerability is reachable via any packet capture interface.
{
"affected": [],
"aliases": [
"CVE-2026-48682"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-02T20:16:38Z",
"severity": "MODERATE"
},
"details": "FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simple_packet_parser_ng.cpp, after validating that the packet contains at least sizeof(ipv4_header_t) bytes (20 bytes), the code advances the local_pointer by \u00274 * ipv4_header-\u003eget_ihl()\u0027 (line 164) without validating that (a) IHL \u003e= 5 (the minimum valid value per RFC 791), or (b) 4 * IHL bytes are actually available in the packet. The IHL field is 4 bits, allowing values 0-15, so the advance can be 0-60 bytes. An IHL value of 15 with only 20 bytes validated causes a 40-byte over-read. An IHL of 0-4 causes the pointer to not advance past the IP header, resulting in the TCP/UDP header being parsed from IP header data (type confusion). This vulnerability is reachable via any packet capture interface.",
"id": "GHSA-p5cp-vqjq-6cj7",
"modified": "2026-06-04T15:30:32Z",
"published": "2026-06-02T21:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48682"
},
{
"type": "WEB",
"url": "https://github.com/pavel-odintsov/fastnetmon"
},
{
"type": "WEB",
"url": "https://github.com/pavel-odintsov/fastnetmon/blob/master/src/simple_packet_parser_ng.cpp"
},
{
"type": "WEB",
"url": "https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48682-ipv4-parser-oob"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P65Q-G2JH-6H2P
Vulnerability from github – Published: 2023-07-04 03:31 – Updated: 2024-04-04 05:21In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07559800.
{
"affected": [],
"aliases": [
"CVE-2023-20768"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-04T02:15:10Z",
"severity": "MODERATE"
},
"details": "In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07559800.",
"id": "GHSA-p65q-g2jh-6h2p",
"modified": "2024-04-04T05:21:51Z",
"published": "2023-07-04T03:31:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20768"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P6HV-349C-8QPJ
Vulnerability from github – Published: 2022-05-24 17:23 – Updated: 2022-05-24 17:23In createWithSurfaceParent of Client.cpp, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150226994
{
"affected": [],
"aliases": [
"CVE-2020-0226"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-07-17T21:15:00Z",
"severity": "HIGH"
},
"details": "In createWithSurfaceParent of Client.cpp, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150226994",
"id": "GHSA-p6hv-349c-8qpj",
"modified": "2022-05-24T17:23:49Z",
"published": "2022-05-24T17:23:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0226"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2020-07-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.