CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-21238

In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.4%

CVSS Severity

CVSS v3 Score 5.5

References

https://android.googlesource.com/platform/frameworks/base/+/91bfcbbd87886049778142618a655352b16cd911
https://source.android.com/security/bulletin/2023-07-01
https://android.googlesource.com/platform/frameworks/base/+/91bfcbbd87886049778142618a655352b16cd911
https://source.android.com/security/bulletin/2023-07-01

Products affected by CVE-2023-21238

Google » Android » Version: 11.0

cpe:2.3:o:google:android:11.0
Google » Android » Version: 12.0

cpe:2.3:o:google:android:12.0
Google » Android » Version: 12.1

cpe:2.3:o:google:android:12.1
Google » Android » Version: 13.0

cpe:2.3:o:google:android:13.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-21238

Products

Pricing

Contact Us