Malicious code in hls-outreach-sms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a53e3be314f9e219be5477ddd5d6111a0c122ae7455767a1af129f3e971e7cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-0686

In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information about the default sms app of a different device user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction i...