Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-40662

Опубликовано: 11 сент. 2024
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*

EPSS

Процентиль: 17%
0.00055
Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo
CWE-269

Связанные уязвимости

ubuntu логотип

CVE-2024-40662

CVSS3: 7.8
ubuntu
больше 1 года назад

In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

github логотип

GHSA-vj44-f7fj-3gf2

CVSS3: 7.8
github
больше 1 года назад

In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

EPSS

Процентиль: 17%
0.00055
Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo
CWE-269