ASB-A-163413737
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-163413737.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-163413737
- Aliases
-
- A-163413737
- CVE-2020-0460
- Published
- 2020-12-01T00:00:00Z
- Modified
- 2026-05-01T15:24:27.653932Z
- Summary
- [none]
- Details
-
In createNameCredentialDialog of CertInstaller.java, there exists the possibility of improperly installed certificates due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/KeyChain
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/packages/apps/KeyChain/+/ed1888ebc3888399ec5144491e43bf7d871028e5"
],
"severity": "High",
"spl": "2020-12-01",
"vanir_signatures": [
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-163413737-31f96deb",
"digest": {
"length": 1045.0,
"function_hash": "221997742398354181207481934790901095770"
},
"source": "https://android.googlesource.com/platform/packages/apps/KeyChain/+/ed1888ebc3888399ec5144491e43bf7d871028e5",
"signature_type": "Function",
"target": {
"file": "src/com/android/keychain/KeyChainService.java",
"function": "installCaCertificate"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-163413737-c8d23889",
"digest": {
"line_hashes": [
"44590560098687051760168766726897459091",
"272424851853488853262343996302208554374",
"130889324646657065622862272637386545914",
"290567645436964943703096202905960930",
"240482688258204559067914748869522342846",
"263034695685770265284760814741924588978",
"175518438383135783705918946918443988984",
"320955727718221376347404492174626792990",
"152261998460928508289423043269525154414",
"319043089001067699808345123436641813118",
"271842744685860722142879054964127496890",
"321759900182794192351112284774773075301",
"27853003001317916211939846333620006878",
"58337750089998859649511597057431554782",
"59800681080357190351118842945544364719",
"339487220467953845062908945966528696842",
"295414141764990312668811447617814130499",
"99876064620677970989223775600999398844",
"260616571612097801813334480653209132502",
"72578530763724199313861424884341659829",
"270787940875248736092364541702780182875",
"119598650777023731799056825091187137308",
"163053674754217655828756819909126409276",
"159477423419947727588768358965481848253",
"69023563505592321534800051618716962352",
"175205717342241858386659660195215797648",
"331032745837855707749837144680938930483",
"229043925049216458461060767564442255720",
"311663205444793950467123119264056190974",
"8189326827006974136768102706812934349",
"189766111840823701127500381774134708125",
"320717695250080302830299965206304452888",
"19699155043006281039223332758034701272",
"340178411266279287843615373706448455700",
"3304655070590251331394007048333712415",
"60441235247035267594595986851864646366"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/packages/apps/KeyChain/+/ed1888ebc3888399ec5144491e43bf7d871028e5",
"signature_type": "Line",
"target": {
"file": "src/com/android/keychain/KeyChainService.java"
}
}
],
"types": [
"ID"
]
}