React Native Sms User Consent Intent Redirection Vulnerability

A vulnerability, which was classified as critical, has been found in kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android. Affected by this issue is the function registerReceiver of the file android/src/main/java/ua/kyivstar/reactnativesmsuserconsent/SmsUserConsentModule.kt. The...

CVE-2021-4438

A vulnerability, which was classified as critical, has been found in kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android. Affected by this issue is the function registerReceiver of the file android/src/main/java/ua/kyivstar/reactnativesmsuserconsent/SmsUserConsentModule.kt. The...

CVE-2021-4438 kyivstarteam react-native-sms-user-consent SmsUserConsentModule.kt registerReceiver improper export of android application components

A vulnerability, which was classified as critical, has been found in kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android. Affected by this issue is the function registerReceiver of the file android/src/main/java/ua/kyivstar/reactnativesmsuserconsent/SmsUserConsentModule.kt. The...

CVE-2021-4438

CVE-2021-4438 affects kyivstarteam/react-native-sms-user-consent up to 1.1.4 on Android. The issue lies in SmsUserConsentModule.kt, registerReceiver, causing improper export of Android components. Local attack is required. Upgrading to version 1.1.5 fixes the vulnerability (patch: 5423dcb0cd3e4d5...

Google Android IntentFilter suffers from a deserialization memory overflow vulnerability

Google Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Consortium. Google Android IntentFilter has a deserialization memory overflow vulnerability. The vulnerability is that the Android system service ActivityManagerService has an...