Описание
Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| devel | DNE | |
| esm-apps/xenial | ignored | abandoned |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [abandoned]] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [abandoned] |
| upstream | needs-triage |
Показывать по
EPSS
10 Critical
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153.
Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153.
Уязвимость операционной системы Android, позволяющая нарушителю выполнить произвольный код
EPSS
10 Critical
CVSS2
9.8 Critical
CVSS3