ASB-A-159145361 — Vulnetix

ASB-A-159145361 PUBLISHED CVSS 6.900000095367432 MEDIUM

In onCreate of SlicePermissionActivity.java, there is a possible misleading string displayed due to improper input validation. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.

Risk Scores

CVSS v4.0

6.900000095367432

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
platform	frameworks/base	9, 10:0, 10

Timeline

Jan 1, 2021 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2021-01-01 advisory
https://android.googlesource.com/platform/frameworks/base/+/a185996c829a159bb27446697329b01464ab3c03 patch
https://android.googlesource.com/platform/frameworks/base/+/e237a83f95767f669b83508bb1f594091cbd6bac patch

Open in Interactive Console →