Lucene search
K

4 matches found

OSV
OSV
added 2023/08/14 10:15 p.m.3 views

CVE-2023-21285

In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00173EPSS
Exploits0References2
NVD
NVD
added 2023/08/14 10:15 p.m.27 views

CVE-2023-21285

In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.2AI score0.00173EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/14 9:6 p.m.31 views

CVE-2023-21285

In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.4AI score0.00173EPSS
Exploits0References2
CVE
CVE
added 2023/08/14 9:6 p.m.185 views

CVE-2023-21285

CVE-2023-21285 affects Android’s MediaSessionRecord.java, where a flawed setMetadata function could allow a local attacker to view another user’s images via a confused deputy. The issue enables local information disclosure without additional execution privileges and does not require user interact...

5.5CVSS5.1AI score0.00173EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder