CVE-2020-0020

CVE-2020-0020 affects the Android 10 ExifInterface.getAttributeRange implementation. The issue is an incorrect bounds check in redacting location metadata from media files, enabling local information disclosure with no user interaction required (privileges: none; attack vector: LOCAL; CVSS v3.1 b...

CVE-2016-3862

media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 does not properly interact with the use of static variables in libjheadjni, which allows remote attackers to execute arbitrary code or cause a denial of service...