Vulnerabilities > CVE-2021-0952 - Unspecified vulnerability in Google Android
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE local
google
Summary
In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user's contacts with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-195748381
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 4 |