Lucene search
Google_androidCVELIST:CVE-2024-40662HistorySep 11, 2024 - 12:09 a.m.
CVE-2024-40662
2024-09-1100:09:19
google_android
www.cve.org
4
uri.java
input validation
local escalation
EPSS
0
Percentile
9.6%
In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CNA Affected
[
{
"vendor": "Google",
"product": "Android",
"versions": [
{
"version": "14",
"status": "affected"
},
{
"version": "13",
"status": "affected"
},
{
"version": "12L",
"status": "affected"
},
{
"version": "12",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2024-40662
2024-09-11 00:15:11
vulnrichment
vulnrichment
CVE-2024-40662
2024-09-11 00:09:19
cve
cve
CVE-2024-40662
2024-09-11 00:15:11
osv
osv
Bypass CVE-2022-20338
2024-09-01 00:00:00