2 matches found
CVE-2022-20146
In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
CVE-2022-20146
CVE-2022-20146 affects Android via the information disclosure in the uploadFile function of FileUploadServiceImpl.java, caused by a confused deputy that can expose private files locally without extra privileges. Exploitation is local and does not require user interaction. Public details in the co...