Описание
In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9 Android ID: A-138441919
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00417
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-125
Связанные уязвимости
github
больше 3 лет назад
There is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-138441919
EPSS
Процентиль: 61%
0.00417
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-125