3 matches found
CVE-2021-0994
In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interactio...
CVE-2021-0994
In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interactio...
CVE-2021-0994
CVE-2021-0994 corresponds to an Android information-disclosure flaw described across multiple sources (NVD, Red Hat RH-CVE, CNVD, OSV) where an attacker can infer if a target app is installed by exploiting a missing permission check in ConnectivityService.java (requestRouteToHostAddress). This ca...