CVE-2024-43090

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/11/2024
Last modified:
17/12/2024

Description

In multiple locations, there is a possible cross-user image read due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*