CVE-2022-20146

In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-211757677References: N/A
References
Configurations

Configuration 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Information

Published : 2022-06-15 02:15

Updated : 2022-06-23 08:26


NVD link : CVE-2022-20146

Mitre link : CVE-2022-20146

Products Affected
No products.