exploitDog

GHSA-rpqv-x6cm-mjw9

Опубликовано: 08 нояб. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.goodwy.dialer.activities.DialerActivity component.

The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.goodwy.dialer.activities.DialerActivity component.

Ссылки

EPSS

Процентиль: 25%

0.00085

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-276

Связанные уязвимости

CVE-2024-36063

CVSS3: 7.5

nvd

больше 1 года назад

The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.goodwy.dialer.activities.DialerActivity component.

EPSS

Процентиль: 25%

0.00085

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-276