2 matches found
CVE-2022-39349
The Tasks.org Android app is an open-source app for to-do lists and reminders. The Tasks.org app uses the activity ShareLinkActivity.kt to handle "share" intents coming from other components in the same device and convert them to tasks. Those intents may contain arbitrary file paths as attachment...
CVE-2022-39349
The CVE-2022-39349 vulnerability affects Tasks.org Android app prior to versions 12.7.1 and 13.0.1, where ShareLinkActivity.kt may copy files from internal storage to external storage if unvalidated file paths are supplied via share intents. This local-attack vector could disclose sensitive data ...