CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-20458

The logs of sensitive information (PII) or hardware identifier should only be printed in Android "userdebug" or "eng" build. StatusBarNotification.getKey() could contain sensitive information. However, CarNotificationListener.java, it prints out the StatusBarNotification.getKey() directly in logs, which could contain user's account name (i.e. PII), in Android "user" build.Product: AndroidVersions: Android-12LAndroid ID: A-205567776

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.8%

CVSS Severity

CVSS v3 Score 5.5

References

https://source.android.com/security/bulletin/aaos/2023-01-01
https://source.android.com/security/bulletin/aaos/2023-01-01

Products affected by CVE-2022-20458

Google » Android » Version: 12.1

cpe:2.3:o:google:android:12.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-20458

Products

Pricing

Contact Us