ghsa-j2j4-j7cr-p458
Vulnerability from github
Published
2022-05-24 17:25
Modified
2022-05-24 17:25
Severity
Details
In stopZygoteLocked of AppZygote.java, there is an insufficient cleanup. This could lead to local information disclosure in the application that is started next with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-157598956
{ "affected": [], "aliases": [ "CVE-2020-0258" ], "database_specific": { "cwe_ids": [ "CWE-200", "CWE-459" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-08-11T20:15:00Z", "severity": "MODERATE" }, "details": "In stopZygoteLocked of AppZygote.java, there is an insufficient cleanup. This could lead to local information disclosure in the application that is started next with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-157598956", "id": "GHSA-j2j4-j7cr-p458", "modified": "2022-05-24T17:25:17Z", "published": "2022-05-24T17:25:17Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0258" }, { "type": "WEB", "url": "https://source.android.com/security/bulletin/2020-08-01" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/158869/Android-App-Zygotes-Improper-Guarding.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }
Loading...