In multiple locations, there is a possible cross-user image read due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.
Metrics
Affected Vendors & Products
References
History
Wed, 13 Nov 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-862 | |
Metrics |
cvssV3_1
|
Wed, 13 Nov 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In multiple locations, there is a possible cross-user image read due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2024-11-13T17:25:13.791Z
Updated: 2024-11-13T21:43:11.878Z
Reserved: 2024-08-05T14:29:53.936Z
Link: CVE-2024-43090
Vulnrichment
Updated: 2024-11-13T21:43:01.073Z
NVD
Status : Received
Published: 2024-11-13T18:15:21.517
Modified: 2024-11-13T22:35:07.990
Link: CVE-2024-43090
Redhat
No data.