exploitDog

CVE-2020-11990

Опубликовано: 01 дек. 2020

Источник: nvd

CVSS3: 3.3

CVSS2: 2.1

EPSS Низкий

Описание

We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally.

Ссылки

http://jvn.jp/en/jp/JVN59779918/index.html
Third Party Advisory
https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html
Release Notes
Vendor Advisory
http://jvn.jp/en/jp/JVN59779918/index.html
Third Party Advisory
https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:cordova:4.1.0:*:*:*:*:android:*:*

EPSS

Процентиль: 37%

0.00158

Низкий

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-m538-3c4g-4cx5

github

больше 3 лет назад

We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally.

EPSS

Процентиль: 37%

0.00158

Низкий

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

NVD-CWE-noinfo