-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2020-0135 (Medium) detected in baseandroid-10.0.0_r34 #207
Comments
✔️ This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory. |
ℹ️ This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory. |
✔️ This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory. |
ℹ️ This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory. |
CVE-2020-0135 - Medium Severity Vulnerability
Android framework classes and services
Library home page: https://android.googlesource.com/platform/frameworks/base
Found in HEAD commit: b97f4cac6885ec0e9b0d4e7a6f55b0e522f69cda
Found in base branch: master
In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150949837
Publish Date: 2020-06-11
URL: CVE-2020-0135
Base Score Metrics:
Type: Upgrade version
Origin: https://android.googlesource.com/platform/frameworks/base/+/refs/tags/android-10.0.0_r37
Release Date: 2020-06-11
Fix Resolution: android-10.0.0_r37
Step up your Open Source Security Game with Mend here
The text was updated successfully, but these errors were encountered: