exploitDog

GHSA-2qmf-q38x-5h24

Опубликовано: 04 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

In setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

In setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Ссылки

EPSS

Процентиль: 1%

0.00008

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2025-48538

CVSS3: 5.5

nvd

5 месяцев назад

In setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

BDU:2025-11684

CVSS3: 5.5

fstec

5 месяцев назад

Уязвимость функции setApplicationHiddenSettingAsUser() модуля PackageManagerService.java операционных систем Android, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 1%

0.00008

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-20