Lucene search
+L

5 matches found

osv
osv
added 2022/08/12 11:15 a.m.8 views

CVE-2022-2390

Apps developed with Google Play Services SDK incorrectly had the mutability flag set to PendingIntents that were passed to the Notification service. As Google Play services SDK is so widely used, this bug affects many applications. For an application affected, this bug will let the attacker, gain...

8.4CVSS7.3AI score0.00105EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2022/08/12 10:25 a.m.8 views

CVE-2022-2390 Mutable pending intent in Google Play services SDK

Apps developed with Google Play Services SDK incorrectly had the mutability flag set to PendingIntents that were passed to the Notification service. As Google Play services SDK is so widely used, this bug affects many applications. For an application affected, this bug will let the attacker, gain...

6.1CVSS8.5AI score0.00105EPSS
Exploits0References2
cve
cve
added 2022/08/12 10:25 a.m.93 views

CVE-2022-2390

CVE-2022-2390 affects the Google Play Services SDK. The issue stems from the mutability flag on PendingIntents passed to the Notification service, present in SDKs prior to version 18.0.2. This misconfiguration can allow an attacker to access all non-exported providers and/or other providers for w...

8.4CVSS7.3AI score0.00105EPSS
Exploits0References2Affected Software1
prion
prion
added 2015/02/23 2:59 a.m.19 views

Design/Logic Flaw

The GoogleAuthUtil.getToken method in the Google Play services SDK before 2015 sets parameters in OAuth token requests upon finding a corresponding opt parameter in the Bundle extras argument, which allows attackers to bypass an intended consent dialog and retrieve tokens for arbitrary OAuth scop...

4.3CVSS7.1AI score0.00478EPSS
Exploits0References2Affected Software1
cve
cve
added 2015/02/23 2:0 a.m.50 views

CVE-2014-7922

CVE-2014-7922 involves the GoogleAuthUtil.getToken method in the Google Play services SDK prior to 2015. The vulnerability arises when the code sets parameters in OAuth token requests after detecting a corresponding opt parameter in the Bundle extras argument, enabling a crafted application to by...

4.3CVSS6.8AI score0.00478EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder