2 matches found
CVE-2021-0979
In isRequestPinItemSupported of ShortcutService.java, there is a possible cross-user leak of packages in which the default launcher supports requests to create pinned shortcuts due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges...
CVE-2021-0979
The CVE-2021-0979 issue affects Android 12 and centers on ShortcutService.java in the Launcher path. The isRequestPinItemSupported function allows a cross-user leak of installed packages by bypassing permissions, enabling local information disclosure without requiring user interaction or addition...