2 matches found
CVE-2023-21093
In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21093
CVE-2023-21093 concerns a path traversal in Android’s FileUtils.extractRelativePath that can let an attacker access files in directories belonging to other apps, enabling local elevation of privilege with no extra execution privileges and no user interaction. The vulnerability affects Android 11–...