2 matches found
CVE-2022-20205
In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
CVE-2022-20205
CVE-2022-20205 describes an information-disclosure issue in Android where isFileUri in FileUtil.java may bypass the file:// scheme check due to improper input validation. The vulnerability allows local information disclosure without extra privileges, with exploitation not requiring user interacti...