exploitDog

GHSA-px4g-hqp9-pjwc

Опубликовано: 08 нояб. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.2

Описание

The NLL com.nll.cb (aka ACR Phone) application through 0.330-playStore-NoAccessibility-arm8 for Android allows any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.nll.cb.dialer.dialer.DialerActivity component.

The NLL com.nll.cb (aka ACR Phone) application through 0.330-playStore-NoAccessibility-arm8 for Android allows any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.nll.cb.dialer.dialer.DialerActivity component.

Ссылки

EPSS

Процентиль: 17%

0.00053

Низкий

6.2 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-36064

CVSS3: 6.2

nvd

больше 1 года назад

The NLL com.nll.cb (aka ACR Phone) application through 0.330-playStore-NoAccessibility-arm8 for Android allows any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.nll.cb.dialer.dialer.DialerActivity component.

EPSS

Процентиль: 17%

0.00053

Низкий

6.2 Medium

CVSS3

CVE ID

Дефекты

CWE-79